www.sgtreport.com Open in urlscan Pro
209.59.154.37 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-cri...
Submission: On February 20 via api (February 20th 2022, 1:14:39 am UTC) from US — Scanned from DE

Summary HTTP 829 Redirects Links 75 Behaviour Indicators

Summary

This website contacted 97 IPs in 13 countries across 68 domains to perform 829 HTTP transactions. The main IP is 209.59.154.37, located in United States and belongs to LIQUIDWEB, US. The main domain is www.sgtreport.com. The Cisco Umbrella rank of the primary domain is 833864.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 6th 2022. Valid for: 3 months.

This is the only time www.sgtreport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	209.59.154.37 209.59.154.37	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8746	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
31	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
16	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	72.142.122.58 72.142.122.58	812 (ROGERS-CO...) (ROGERS-COMMUNICATIONS)
1	54.165.164.249 54.165.164.249	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
70	2606:4700::68... 2606:4700::6811:a64e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225a:f600:18:9413:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.22.187.135 52.22.187.135	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 19	2606:4700:20:... 2606:4700:20::ac43:44a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	35.190.30.115 35.190.30.115	15169 (GOOGLE) (GOOGLE)
18 36	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
24	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	34.247.9.63 34.247.9.63	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2600:9000:206... 2600:9000:206f:6a00:1:93c2:a1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
15	65.9.63.124 65.9.63.124	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
6	52.215.125.248 52.215.125.248	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
4	52.222.188.9 52.222.188.9	16509 (AMAZON-02) (AMAZON-02)
2	65.9.63.104 65.9.63.104	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:e4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	89.187.169.15 89.187.169.15	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
6	34.202.18.77 34.202.18.77	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	52.218.57.59 52.218.57.59	16509 (AMAZON-02) (AMAZON-02)
10	69.30.230.98 69.30.230.98	32097 (WII) (WII)
1 30	188.42.29.168 188.42.29.168	7979 (SERVERS-COM) (SERVERS-COM)
25	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
13	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
90	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
13	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
13	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
23	2.21.141.148 2.21.141.148	16625 (AKAMAI-AS) (AKAMAI-AS)
17	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	3.123.202.144 3.123.202.144	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:20:... 2606:4700:20::681a:623	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1	108.157.4.26 108.157.4.26	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
6	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
7	108.157.4.14 108.157.4.14	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
18	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.71.7.237 3.71.7.237	16509 (AMAZON-02) (AMAZON-02)
1	3.122.254.151 3.122.254.151	16509 (AMAZON-02) (AMAZON-02)
20	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	54.162.74.226 54.162.74.226	14618 (AMAZON-AES) (AMAZON-AES)
1	3.226.120.126 3.226.120.126	14618 (AMAZON-AES) (AMAZON-AES)
4	104.89.20.125 104.89.20.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 27	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	3.124.34.143 3.124.34.143	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
3 3	193.232.148.144 193.232.148.144	48061 (UMA-TECH-AS) (UMA-TECH-AS)
7 7	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	151.236.65.12 151.236.65.12	57363 (CDNVIDEO-AS) (CDNVIDEO-AS)
7	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
5 8	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:21e5:efde:30c9:e168	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.195.10.145 18.195.10.145	16509 (AMAZON-02) (AMAZON-02)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
829	97

35 209.59.154.37 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.sgtreport.com

www.sgtreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8746 (United States)

ASN13335 (CLOUDFLARENET, US)

www.naturalnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.newsmaxwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.newsmaxwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.newsmaxwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.142.122.58 (Ottawa, Canada)

ASN812 (ROGERS-COMMUNICATIONS, CA)
PTR: unallocated-static.rogers.com

www.kitconet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.164.249 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-164-249.compute-1.amazonaws.com

static.newsmaxfeednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2606:4700::6811:a64e (United States)

ASN13335 (CLOUDFLARENET, US)

www.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225a:f600:18:9413:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.187.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-187-135.compute-1.amazonaws.com

www.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::ac43:44a1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-3-71-7-237.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-3-122-254-151.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4089fb33ed450f4103c8fdbb7c135bf3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
94c515aa140bb04ef17175ad694bda8e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.30.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.30.190.35.bc.googleusercontent.com

customads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a02:2638:1::13 (France) 18 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.247.9.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:6a00:1:93c2:a1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

photos.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 65.9.63.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-124.fra56.r.cloudfront.net

kloperd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.215.125.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

trends.newsmaxwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.188.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-188-9.ham50.r.cloudfront.net

img1.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.63.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-104.fra56.r.cloudfront.net

img2.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:e4f (United States)

ASN13335 (CLOUDFLARENET, US)

video.brighteon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-632.bunnyinfra.net

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.202.18.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-18-77.compute-1.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.57.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.30.230.98 (United States)

ASN32097 (WII, US)
PTR: grayabbey.com

zbbb278hfll091.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 188.42.29.168 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adpone-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.202.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-202-144.eu-central-1.compute.amazonaws.com

pix.pontiac.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:623 (United States)

ASN13335 (CLOUDFLARENET, US)

api.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-54-186-85-70.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-54-202-241-254.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:723 (United States)

ASN13335 (CLOUDFLARENET, US)

eu.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-3-71-7-237.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-3-122-254-151.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-26.dus51.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.157.4.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-14.dus51.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.7.237 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-7-237.eu-central-1.compute.amazonaws.com

v4-api-3-71-7-237.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.254.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-254-151.eu-central-1.compute.amazonaws.com

v4-api-3-122-254-151.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

video-native.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.162.74.226 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-74-226.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.120.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-120-126.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.92.74.8 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.124.34.143 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-34-143.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.148.144 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 31.172.81.158 (Germany) 7 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.65.12 (Moscow, Russian Federation)

ASN57363 (CDNVIDEO-AS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:21e5:efde:30c9:e168 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.10.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-10-145.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.convergeselect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
118	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210 ams1-ib.adnxs.com — Cisco Umbrella Rank: 6837 cdn.adnxs.com — Cisco Umbrella Rank: 1304 acdn.adnxs.com — Cisco Umbrella Rank: 547	760 KB
78	brighteon.com www.brighteon.com — Cisco Umbrella Rank: 181988 photos.brighteon.com — Cisco Umbrella Rank: 146796 support.brighteon.com — Cisco Umbrella Rank: 182564 video.brighteon.com — Cisco Umbrella Rank: 190249	6 MB
73	criteo.com 18 redirects gum.criteo.com — Cisco Umbrella Rank: 355 mug.criteo.com — Cisco Umbrella Rank: 3197 bidder.criteo.com — Cisco Umbrella Rank: 736	89 KB
55	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 436 video-ads.rubiconproject.com — Cisco Umbrella Rank: 6770 eus.rubiconproject.com — Cisco Umbrella Rank: 512 token.rubiconproject.com — Cisco Umbrella Rank: 593 pixel.rubiconproject.com — Cisco Umbrella Rank: 288 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 3636 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2038	196 KB
41	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8575 cdn.mgid.com — Cisco Umbrella Rank: 10842 c.mgid.com — Cisco Umbrella Rank: 6289 servicer.mgid.com — Cisco Umbrella Rank: 8740 s-img.mgid.com — Cisco Umbrella Rank: 7632 video-native.mgid.com — Cisco Umbrella Rank: 27360 cm.mgid.com — Cisco Umbrella Rank: 2442	950 KB
38	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 5910 trends.revcontent.com — Cisco Umbrella Rank: 1796 cdn.revcontent.com — Cisco Umbrella Rank: 6815 yeet.revcontent.com — Cisco Umbrella Rank: 6599 images.revcontent.com — Cisco Umbrella Rank: 6112 media.revcontent.com — Cisco Umbrella Rank: 45091	3 MB
35	sgtreport.com www.sgtreport.com — Cisco Umbrella Rank: 833864	2 MB
31	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1448 cache.betweendigital.com — Cisco Umbrella Rank: 17918	18 KB
28	bitchute.com www.bitchute.com — Cisco Umbrella Rank: 34369 static-3.bitchute.com — Cisco Umbrella Rank: 47952 zbbb278hfll091.bitchute.com — Cisco Umbrella Rank: 118421	5 MB
25	openx.net adpone-d.openx.net — Cisco Umbrella Rank: 21203 u.openx.net — Cisco Umbrella Rank: 636	2 KB
24	b2c.com 2 redirects api.b2c.com — Cisco Umbrella Rank: 6174 eu.b2c.com api-54-186-85-70.b2c.com api-3-71-7-237.b2c.com api-54-202-241-254.b2c.com api-3-122-254-151.b2c.com v4-api-3-71-7-237.b2c.com v4-api-3-122-254-151.b2c.com	63 KB
24	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 ad.doubleclick.net — Cisco Umbrella Rank: 167 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 pubads.g.doubleclick.net — Cisco Umbrella Rank: 506	333 KB
22	googlesyndication.com 4089fb33ed450f4103c8fdbb7c135bf3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 94c515aa140bb04ef17175ad694bda8e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120	148 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	569 KB
18	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7981 newassets.hcaptcha.com — Cisco Umbrella Rank: 10830	973 KB
18	twitter.com platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	481 KB
16	newsmaxwidget.com assets.newsmaxwidget.com — Cisco Umbrella Rank: 45829 trends.newsmaxwidget.com — Cisco Umbrella Rank: 44112 images.newsmaxwidget.com — Cisco Umbrella Rank: 54160 media.newsmaxwidget.com — Cisco Umbrella Rank: 466597	3 MB
15	kloperd.com kloperd.com — Cisco Umbrella Rank: 318463	47 KB
14	adpone.com hb.adpone.com — Cisco Umbrella Rank: 25135	1 MB
13	adform.net adx.adform.net — Cisco Umbrella Rank: 4785	6 KB
13	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1311	7 KB
12	aniview.com player.aniview.com — Cisco Umbrella Rank: 2253 track1.aniview.com — Cisco Umbrella Rank: 2203 go1.aniview.com — Cisco Umbrella Rank: 4904	110 KB
12	adnxs-simple.com crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3431 acdn.adnxs-simple.com — Cisco Umbrella Rank: 2505	757 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	223 KB
9	gstatic.com fonts.gstatic.com	199 KB
8	zergnet.com www.zergnet.com — Cisco Umbrella Rank: 7956 img1.zergnet.com — Cisco Umbrella Rank: 9846 img2.zergnet.com — Cisco Umbrella Rank: 9457	151 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 407	1 MB
7	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 676	26 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	3 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	3 KB
6	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1645	2 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	3 KB
5	bumlam.com 5 redirects sync.bumlam.com — Cisco Umbrella Rank: 2847	3 KB
4	moatads.com z.moatads.com — Cisco Umbrella Rank: 330 px.moatads.com — Cisco Umbrella Rank: 390	102 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	98 KB
3	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 11262	1 KB
3	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 13707	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 2553	673 B
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 10674	707 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13663	1 KB
2	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 835 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 12180	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 2484	892 B
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1397 pbs.twimg.com — Cisco Umbrella Rank: 688	4 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1334	15 B
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 739 id.rlcdn.com — Cisco Umbrella Rank: 548	329 B
2	pontiac.media pix.pontiac.media — Cisco Umbrella Rank: 30927	161 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 747	138 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	60 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9027	914 B
2	customads.co cdn2.customads.co — Cisco Umbrella Rank: 111543 customads.co — Cisco Umbrella Rank: 75762	4 KB
2	kitconet.com www.kitconet.com — Cisco Umbrella Rank: 131600	7 KB
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 4025	410 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 865	814 B
1	convergeselect.net cpm.convergeselect.net — Cisco Umbrella Rank: 85343	228 B
1	sniperlog.ru sync3.sniperlog.ru — Cisco Umbrella Rank: 31195	516 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 439	705 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 387	656 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	17 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 598	277 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 658	1 KB
1	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5052	197 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	26 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 429	53 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	17 KB
1	newsmaxfeednetwork.com static.newsmaxfeednetwork.com — Cisco Umbrella Rank: 41573	2 KB
1	naturalnews.com www.naturalnews.com — Cisco Umbrella Rank: 155563	232 KB
829	68

	Domain	Requested by
64	www.brighteon.com	www.sgtreport.com www.brighteon.com
45	ams1-ib.adnxs.com	www.sgtreport.com hb.adpone.com cdn.adnxs.com acdn.adnxs-simple.com kloperd.com
45	ib.adnxs.com	hb.adpone.com acdn.adnxs.com
36	gum.criteo.com	18 redirects static.criteo.net
35	www.sgtreport.com	www.sgtreport.com
30	ads.betweendigital.com	1 redirects hb.adpone.com ads.betweendigital.com
26	eus.rubiconproject.com	hb.adpone.com eus.rubiconproject.com cache.betweendigital.com
24	mug.criteo.com	www.sgtreport.com gum.criteo.com
22	s-img.mgid.com	www.sgtreport.com
20	static.criteo.net	hb.adpone.com static.criteo.net
16	acdn.adnxs.com	hb.adpone.com kloperd.com
15	kloperd.com	www.sgtreport.com kloperd.com
15	www.bitchute.com	www.sgtreport.com www.bitchute.com
15	platform.twitter.com	www.sgtreport.com platform.twitter.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.sgtreport.com tpc.googlesyndication.com srcdoc
14	hb.adpone.com	kloperd.com
13	fastlane.rubiconproject.com	hb.adpone.com
13	bidder.criteo.com	hb.adpone.com
13	adx.adform.net	hb.adpone.com
13	prg.smartadserver.com	hb.adpone.com
13	adpone-d.openx.net	hb.adpone.com
12	u.openx.net	hb.adpone.com
12	cdn.adnxs.com	hb.adpone.com
12	images.revcontent.com	www.sgtreport.com
11	crcdn01.adnxs-simple.com	hb.adpone.com
11	trends.revcontent.com	assets.revcontent.com
11	securepubads.g.doubleclick.net	www.sgtreport.com securepubads.g.doubleclick.net www.googletagservices.com kloperd.com
10	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
10	api.b2c.com	hb.adpone.com www.sgtreport.com
10	zbbb278hfll091.bitchute.com	www.bitchute.com
9	track1.aniview.com	www.sgtreport.com player.aniview.com
9	cdnjs.cloudflare.com	www.bitchute.com
9	fonts.gstatic.com	fonts.googleapis.com www.sgtreport.com
8	hcaptcha.com	www.sgtreport.com newassets.hcaptcha.com
7	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
7	choices.trustarc.com	choices.truste.com choices.trustarc.com www.sgtreport.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	x.bidswitch.net	6 redirects
6	match.adsrvr.org	ads.pubmatic.com
6	id.crwdcntrl.net	ads.pubmatic.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.sgtreport.com
6	yeet.revcontent.com	assets.revcontent.com assets.newsmaxwidget.com
6	video.brighteon.com	www.brighteon.com
6	support.brighteon.com	www.brighteon.com
6	trends.newsmaxwidget.com	www.sgtreport.com assets.newsmaxwidget.com
5	token.rubiconproject.com	5 redirects
5	sync.bumlam.com	5 redirects
5	images.newsmaxwidget.com	www.sgtreport.com
4	cm.g.doubleclick.net	2 redirects
4	video-ads.rubiconproject.com	player.aniview.com
4	video-native.mgid.com	jsc.mgid.com cdn.mgid.com www.sgtreport.com video-native.mgid.com
4	c.mgid.com	jsc.mgid.com www.sgtreport.com
4	api-3-122-254-151.b2c.com	1 redirects www.sgtreport.com kloperd.com api-3-122-254-151.b2c.com
4	api-3-71-7-237.b2c.com	1 redirects www.sgtreport.com kloperd.com api-3-71-7-237.b2c.com
4	media.revcontent.com	www.sgtreport.com
4	media.newsmaxwidget.com	www.sgtreport.com
4	img1.zergnet.com	www.sgtreport.com
4	www.googletagservices.com	securepubads.g.doubleclick.net www.sgtreport.com www.googletagservices.com
4	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
4	jsc.mgid.com	www.sgtreport.com jsc.mgid.com
4	assets.revcontent.com	www.sgtreport.com assets.revcontent.com
3	pixel.rubiconproject.com
3	px.adhigh.net	3 redirects
3	px.moatads.com	www.sgtreport.com
3	cdn.plyr.io	cdnjs.cloudflare.com
3	static-3.bitchute.com	www.bitchute.com
3	syndication.twitter.com	platform.twitter.com www.sgtreport.com
3	cdn.mgid.com	jsc.mgid.com www.sgtreport.com
3	www.google-analytics.com	www.sgtreport.com www.google-analytics.com
2	an.yandex.ru	1 redirects
2	www.tns-counter.ru	1 redirects
2	x01.aidata.io	2 redirects
2	optimized-by.rubiconproject.com	video-ads.rubiconproject.com
2	sync3.adsniper.ru	2 redirects
2	ads.avct.cloud	2 redirects
2	player.aniview.com	cdn.mgid.com player.aniview.com
2	cm.mgid.com	jsc.mgid.com
2	servicer.mgid.com	jsc.mgid.com
2	i.clean.gg	acdn.adnxs-simple.com
2	eu.b2c.com	hb.adpone.com
2	pix.pontiac.media	www.sgtreport.com
2	www.google.com	tpc.googlesyndication.com
2	img2.zergnet.com	www.sgtreport.com
2	static.xx.fbcdn.net	www.facebook.com
2	stats.g.doubleclick.net	www.google-analytics.com customads.co
2	photos.brighteon.com	www.brighteon.com
2	code.jquery.com	www.brighteon.com
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.zergnet.com	www.sgtreport.com www.zergnet.com
2	www.kitconet.com	www.sgtreport.com
1	t.adx.opera.com
1	onetag-sys.com	cache.betweendigital.com
1	cpm.convergeselect.net
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	sync3.sniperlog.ru
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	id.rlcdn.com
1	ads.yahoo.com
1	s0.2mdn.net	imasdk.googleapis.com
1	cache.betweendigital.com	ads.betweendigital.com
1	ap.lijit.com	ads.betweendigital.com
1	go1.aniview.com	player.aniview.com
1	v4-api-3-122-254-151.b2c.com	www.sgtreport.com
1	pbs.twimg.com	www.sgtreport.com
1	v4-api-3-71-7-237.b2c.com	www.sgtreport.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	api-54-202-241-254.b2c.com	www.sgtreport.com
1	api-54-186-85-70.b2c.com	www.sgtreport.com
1	ad.doubleclick.net	www.googletagservices.com
1	api.rlcdn.com	ads.pubmatic.com
1	choices.truste.com	hb.adpone.com
1	beacon.sojern.com	hb.adpone.com
1	acdn.adnxs-simple.com	hb.adpone.com
1	s3-eu-west-1.amazonaws.com	securepubads.g.doubleclick.net
1	z.moatads.com	assets.newsmaxwidget.com
1	cdn.revcontent.com	www.sgtreport.com
1	94c515aa140bb04ef17175ad694bda8e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	assets.newsmaxwidget.com	static.newsmaxfeednetwork.com
1	customads.co	cdn2.customads.co
1	4089fb33ed450f4103c8fdbb7c135bf3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ads.pubmatic.com	assets.revcontent.com
1	www.facebook.com	www.sgtreport.com
1	cdn2.customads.co	www.sgtreport.com
1	static.newsmaxfeednetwork.com	www.sgtreport.com
1	www.naturalnews.com	www.sgtreport.com
1	fonts.googleapis.com	www.sgtreport.com
829	129

This site contains links to these domains. Also see Links.

Domain
realsgtreport.podbean.com
sdbullion.com
sgtreport.tv
www.subscribestar.com
www.facebook.com
twitter.com
plus.google.com
pinterest.com
www.linkedin.com
www.naturalnews.com
www.nytimes.com
deepstate.news
theconservativetreehouse.com
www.brighteon.com
www.thegatewaypundit.com
www.foxnews.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
widgets.mgid.com
www.mgid.com
brainberries.co
herbeauty.co
zstacklife.com
podcasts.apple.com
www.organicanaturals.com
www.preparewithsgtreport.com
ketokerri.com
www.zergnet.com
www.shtfplan.com
trends.newsmaxwidget.com
thephaser.com
thelibertymill.com

Subject Issuer	Validity	Valid
sgtreport.com cPanel, Inc. Certification Authority	`2022-02-06` - `2022-05-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
assets.revcontent.com R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
www.kitconet.com Go Daddy Secure Certificate Authority - G2	`2022-01-02` - `2023-02-03`	a year	crt.sh
newsmaxfeednetwork.com Amazon	`2021-08-25` - `2022-09-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.customads.co Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-29` - `2022-02-27`	3 months	crt.sh
*.zergnet.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
customads.co GTS CA 1D4	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
brighteon.com Amazon	`2021-07-23` - `2022-08-21`	a year	crt.sh
kloperd.com Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
assets.newsmaxwidget.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
newsmaxwidget.com Amazon	`2021-09-07` - `2022-10-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
static-3.bitchute.com R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
cdn.revcontent.com R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
images.crserving.com R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
images.revcontent.com R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
media.newsmaxwidget.com R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
media.revcontent.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.bitchute.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-01` - `2022-03-01`	2 years	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.pontiac.media Amazon	`2021-10-06` - `2022-11-03`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-02-14` - `2022-05-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2021-09-13` - `2022-10-15`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 132 frames:

Primary Page: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Frame ID: 1D18F1469BCE3F176E0185E42C573542
Requests: 203 HTTP requests in this frame

Frame: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Frame ID: 580A18AE93D71ACAD0080092A9446C03
Requests: 45 HTTP requests in this frame

Frame: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Frame ID: 4CB0872CAEF1D9E0F1636B3E7DFC7D9B
Requests: 44 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Frame ID: 8F47A4D3D788BD2BE90F5B73AA858120
Requests: 3 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/wfeJmkVoLbFg/
Frame ID: ACCFBF166882FCF909B5928C488585F8
Requests: 15 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/9XKVqMYUAydU/
Frame ID: CCB744ECB819C5B9BD5216329F4BC0BC
Requests: 14 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/7KtixRT9tVfw/
Frame ID: ED0B2954CCF90A6C0A011DBE7B7D628F
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.sgtreport.com
Frame ID: 419F9F42E719B5171113F93A860858AE
Requests: 2 HTTP requests in this frame

Frame: https://4089fb33ed450f4103c8fdbb7c135bf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1243E43C1E3574E2849DE14215892772
Requests: 1 HTTP requests in this frame

Frame: https://customads.co/lad/8773791841012071?pubid=ld-7837-487&pubo=https%3A%2F%2Fwww.sgtreport.com&rid=&width=789
Frame ID: E053DE49441C656444C1E4CBE959708C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFiVKUUB3nI2FKEZXIK9usUfpeZDPBfln_qfxz-qIHB9jH7ELyIY_RjGihKM1H6iMlbL0TbI7VsnfqQS9w3jzp5zjX-a4TnB99jvluCyYVmtd7kjEj3vn8pCwr-dg6BuImeuoP9o67OKWsYQ8lLjRnAx-tY2-HkDQBoWlCBGceXE6EmQH9aSrT667Y24hIZrvLPB5jTBbc2OIwFxQIAmrAYBXqVu4nmSgJ61N5vM8zmPCvhlUDWvlpm4Xf1hf50G8X2YF4Qo-okHYIDk50DTDhnmbowPrmLEryXeaFMJEfaiU7h7kKTaQ-Vst10MXI5E2sqOFIBkCl2J-SNDMUzu0por3Xi9tkEw&sai=AMfl-YRNTc5atEonxW50vSKVpZBDMriMaIew2-1m8_A1xMMLbiUiUToJjv_Zc4b3AIkTMjgp8EqWVNtC-R4-dck6KjMQLUkq6rtYmIK2aDMkEZHul0OPnUddOiUEVMvyWVwK&sig=Cg0ArKJSzCNooNaMSDFFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 54E543D7FE02FAD092EADFF1F26131A7
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 2B936970AD8798A2D4FDC7177D5BA93A
Requests: 9 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=ajaqdoabmxf&e=1070549076851
Frame ID: EB3391085B28997EF399A0F92EF3C810
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=qgldyytp&e=1070549076851
Frame ID: 4786A3A262CB2B4E133F968E6D8CE9DA
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=zfnjshxzl&e=1070549076851
Frame ID: 75B9C2AD2CAA2E022324B0D6971988B8
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=itvuazad&e=1070549076851
Frame ID: 8C7A7090E2F7D99037AD807E515052C0
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=xbfojoa&e=1070549076851
Frame ID: 0CE31FEFFD6DC15A26159154ADA70943
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=dsrziibjt&e=1070549076851
Frame ID: 25AB5882998BBC9F3744B8745ABDF6E0
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=eunjajs&e=1070549076851
Frame ID: 219EEFAC81627136F1C7BB8041F1E59A
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=lmsaqvyf&e=1070549076851
Frame ID: D9BDC0955CCAC718A37C993DFA7DE2E2
Requests: 11 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=mgblvigba&e=1070549076851
Frame ID: 408428994F11CE9673A94FCA2B0BDE97
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=drqex&e=1070549076851
Frame ID: 07EB156481DEF46AB98F39D0D70350A2
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=hhgkapmva&e=1070549076851
Frame ID: DBAB3305A83B180F79D18591DCB50E24
Requests: 9 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=doqzlmjfh&e=1070549076851
Frame ID: DF1B779C034B2843FF6FD87ACBFA6EBC
Requests: 10 HTTP requests in this frame

Frame: https://kloperd.com/r/p.html?f=fdnhadlr&e=1070549076851
Frame ID: F0DA30C886C5ECDDCD70C50162D54F54
Requests: 10 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Frame ID: 893A37132D21148EB8CD0D7FAA2C2DF6
Requests: 16 HTTP requests in this frame

Frame: https://94c515aa140bb04ef17175ad694bda8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 0FBA153E73144F554009A43B0D547F6D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssUwo9obN0FyMj1kKwtpTlgWL_sioY-vAM2jHoeO75B8EkuQA42EDy_QOPOzJiqgielSqQco5l4mOexJRJKF6kRBWFtxtBkXLokzXr3FlTOfjOVguHdQGVh-w3RdzJ3monZ27DV-x0W7W-0_DfPzWKiBZk5o2VOst7OAHgRj8HCvwJBXfCM-_K_nMhD7cd9St0qa0uP_BTgzzsQFNR8-qlRoI2b8oxEr_C4AsmQxHyxbg23euBeGfGlIGxAqefjH_Cme2jx3vUzbBEinEOQET25rmW7ZVlx2tD_EbpQ5xRO_iwtkSU_aDa0H69iYOobrEVUmbzRUUYatWUyDpieBqL-6GfmkGuElFHft3sKXbULKw&sig=Cg0ArKJSzEs6lxnxxZWREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 18362208CB46E488C4C3A328A6C5DE48
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9EE6D3DDD0E48FBD0A82FFFF350869F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFB9A6FE963F3D9A31595239C69FAC6C
Requests: 2 HTTP requests in this frame

Frame: https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGEIGL8bOG_oyqVxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjc7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnRIdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNRERnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXb0xha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZoU3Zidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODAw2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH3OwD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=87969b050bcaf6fe5e8a46fec7a7d98f9df269d5&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dajaqdoabmxf%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dajaqdoabmxf%26e%3D1070549076851&
Frame ID: 145DF93AB4130EFA3F10C54317B255F5
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Frame ID: C6F93E010D85F8FF6751044A7D1FA8D7
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Frame ID: DFFB63C3F75325AB31E8E30719AF0FA8
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Frame ID: AE51C8042245AE87D85E492D94597ABB
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Frame ID: F47E3F98600CAD6B29EDA20ACB153E25
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Frame ID: 69EE0E8033074C56826F3BEF93B04C70
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Frame ID: 1FC11DFC8281FFE4695DA507C0FDD8B8
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 8ACA0ED9B75E156756485432111F91AA
Requests: 8 HTTP requests in this frame

Frame: https://pix.pontiac.media/referrer
Frame ID: FAEC684C5EF53AABF7BC98966AFFF32B
Requests: 20 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 0C3352458BEA64D150B9038755F0D55A
Requests: 14 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Frame ID: 7D927C27758E8AC92545E29410FAF434
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: B949CB662B4681966CC6AF725567A23E
Requests: 3 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/3344/2021/9/22/28466959/65c8b6d0-180b-4107-81aa-eb902ece5701.jpeg
Frame ID: 9A3332DF863051BD782EA460FEA84E8C
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: A5068AA9E1B53A919905B2C866B68CB4
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 685C2DDF8B29553E1ADA4885BA0F1CC0
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: D959A0129604FBBF4EA8E85D69B106B5
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Frame ID: C0C729C08F831D747A7AACDF95521A86
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Frame ID: 8F40470091E1B3CF453F51E924B4FEA2
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Frame ID: A2433E3E0E05536FB070C26F396CAC05
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Frame ID: 2FF464993F0C3317F62508C4EAA5C43D
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 4F92D08239A65628DCDFFE6F83EF5493
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 3245606BA7B69951DFA93AAB1764A906
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 07945F3D6E488D8A082DC3EAD703E109
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: BB56D4B0AA06D92B8D20869F0B559932
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 4BE7F7E09DCE41559746AC6C228A2842
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 973A0AE029908265D6A1629B10B96E73
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: BD4C3F8125CD6499F30E37CCFFBCFB28
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1645319670809909760797
Frame ID: E11390747F34BBB460DF7E56ADFA9721
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 8D00CE68E206AEEC8FF7C5D6B4A23075
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 891B04C8E3946FFD7E975DCEF82F9F3D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: 5B51AE375319764BF5BD736A9678279C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: AF8285CB4BA7E1E8D7D6281D38322D54
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com
Frame ID: AC443BD238A04E5A48B56E548B1918D6
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: 26889B9D4ECD45574EE8AAAAFCD743FF
Requests: 5 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: F45451B0A02E1F212D0D698E6027064C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A9B14ADCC5FEF71647F0323DB88E6F09
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4C946D6C871D33388010EF48A0315195
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 30EE660220A9219B59C06BD0E847129B
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 96B00675B9A71F88E76ACD9978F1A662
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8010D479BDE269FC1606D56076CDB9BF
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 98DBAE7D8ACC534D7228CDE239C08D9F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0BF1CA84358FBC7F4AFC7C5E3E4CDF18
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: C06EEA6E85A3FD8B803B4131F32D8B96
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F059B02B0BC586B661E14CC4AA066899
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6C5A5DFFE75AFC0FBF9B04BE93B85B3F
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E47D3B28ED1FF567C4199B493D001D0D
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 626BFDF6204EC015DF251D4932671BD1
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 59AAE140554B2D9C2F8C204D1E5CE2AF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 12E866EEC05D593E49F2E5734869501E
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8E297AE5DE368451CFAC9089B9C7855D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B609D958349E92E3D8A203C3F20FEF1D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3BCD1590115B2B98570D482C36CF5016
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9668BE7E8325F159E8462D286A713548
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F03C1796F8A4E78B081D86EA338492EB
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 31DCFC43561A39CF3DF180F65679E6CF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: CDB451468D05628CC24D19211D995C2D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1C5035F4B03026CF4D384BDAE5C1CF9A
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: F938F697A12603B470FA1552EE396E5B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 118E4035DBD9D521E2DB650634070013
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 420D2979A37EEE53C02BB7BF0B64D7C6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 43393E2A166D12842763EF35AFA4279F
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: BFEDD3448A70103DFBBBF843D6BB5D25
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 505D9294B41AFF18854B0ECED17277EF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: FF8322267A1CC17DE11202DF7C0AB9F6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F91CAC231E020528DFBC604080928FD2
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4896419A24ADF4DFD388CAC41A684AF9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7B5D79B8BC67B7A0393B4559DE163B06
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7AE87277A5F5062A1D8FE97A9C569D24
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 65D5018F0E09FD562B7D358689BD17CE
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B8A931956A3F907EACF9293F8AD2E160
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4405DB1158FB7C33B3058DFFD2CF4404
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 11AA984E938581423F771338F51F9947
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C606C3D0302675F75EA2E336E5115B90
Requests: 2 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8c728ad2-e5ac-5133-b33b-bae1d12a2f15&CACHEBUSTER=671996
Frame ID: D2A399AC1EFC6D9EDDDD616302224807
Requests: 7 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: D07EE1083F4ACF6068A2BCBF995BC010
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 54CEF50879A65BEAA0F9579CEF08CD7F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9F0364FF3E43CE43F3FC953008A27EC5
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F2B9263C166E24316CF41832ADD2D26F
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 19EE978763BC30DDF980EAF29488A96E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C723B6E727F9F732747C36B460006245
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2C9E3FDFD69C37FEB627B6FDBA43295F
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: D3B64CA85664B3B6E93E0CE5D1387631
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 19AF9CE23DA4E58469676ACF0B222814
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 90CAE410C9A65DCC9F3372A77EBE41CF
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9CC8E6F11637457DE013671068DDE783
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2902220C3A9A46D96D4EB71F0C4BFF4E
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31042.js
Frame ID: 01DB3392B94E244B8F9B439B8C8F4941
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html
Frame ID: 87D95A00D2693DA84E362BDACE91E1F5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html
Frame ID: 275AC3B2CFD87217BC87D10D3254E209
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html
Frame ID: 8A6255C7EA99BF9E7CA0413025A44AAC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0ACCB430211AC7DFDC22845EB404D915
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 961EBBB9BBE23648AA95F9E01FB2D46C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B5625A7CC17E76B4AF75FE74AEDA340
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 509D0571E2C2DE45E84FA84DE810DAC7
Requests: 3 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31042.js
Frame ID: A2A923D1F96AA4B34CDCE02A39CD2AE8
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html
Frame ID: 2032AB16EE05DCE9828582A96C0F3179
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html
Frame ID: 790A352A85C0C9EEBDF4C185A9154CA4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html
Frame ID: 5F3FE9AFDF005230E4BB0BDFACCC4C81
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5482F00FC23411D96C07C890512CE639
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EEB92BFF0A759D4E65B0E0DDE5C92690
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 29FC7C821034A9F76C04F8D3630F42BE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 729156520DF0B6BC6C17B8890CD69C57
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deep state in total panic as Durham’s investigation confirmed to have transitioned to CRIMINAL phase… indictments imminent | SGT Report

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

829
Requests

95 %
HTTPS

39 %
IPv6

68
Domains

129
Subdomains

97
IPs

13
Countries

27272 kB
Transfer

50177 kB
Size

53
Cookies

75 Outgoing links

These are links going to different origins than the main page.

URL: http://realsgtreport.podbean.com/
Title: PODCASTS

Search URL Search Domain Scan URL

URL: https://sdbullion.com/
Title: BUY GOLD & SILVER

Search URL Search Domain Scan URL

URL: https://sdbullion.com/silver-eagle-monster-box-sweepstakes?utm_source=sgtreport

Search URL Search Domain Scan URL

URL: https://sgtreport.tv/
Title: SGTreport.TV

Search URL Search Domain Scan URL

URL: https://www.subscribestar.com/REALsgtreport
Title: SubscribeStar Member

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Deep+state+in+total+panic+as+Durham%E2%80%99s+investigation+confirmed+to+have+transitioned+to+CRIMINAL+phase%E2%80%A6+indictments+imminent&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&via=SGT+Report
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Title: Google+

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/&media=&description=Deep+state+in+total+panic+as+Durham%E2%80%99s+investigation+confirmed+to+have+transitioned+to+CRIMINAL+phase%E2%80%A6+indictments+imminent
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/&title=Deep%20state%20in%20total%20panic%20as%20Durham%E2%80%99s%20investigation%20confirmed%20to%20have%20transitioned%20to%20CRIMINAL%20phase%E2%80%A6%20indictments%20imminent
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.naturalnews.com/2019-10-25-deep-state-in-total-panic-as-durham-investigation-confirmed-criminal-phase.html
Title: Natural News

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2019/10/24/us/politics/john-durham-criminal-investigation.html
Title: the New York Times reported

Search URL Search Domain Scan URL

URL: http://deepstate.news/
Title: deep state traitors

Search URL Search Domain Scan URL

URL: https://theconservativetreehouse.com/2019/10/24/big-report-u-s-attorney-durham-administrative-review-is-now-a-criminal-investigation/
Title: Conservative Treehouse explains

Search URL Search Domain Scan URL

URL: https://www.brighteon.com/channel/lisahaven
Title: the Lisa Haven channel page on Brighteon.com

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2019/10/expect-conspiracy-charges-to-come-out-of-this-george-papadopoulos-reacts-to-news-that-durham-probe-is-now-a-criminal-investigation/
Title: The Gateway Pundit reports

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/politics/michael-horowitz-fisa-probe-report-finalizing-nearing-completion
Title: Fox News also reports

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=IQhH2a7P2dHgDQxhSHpYGa7uqPlCCLdKCikUM5BMc9opO%2BM%2BXbOV6NyLpXXpW%2BnVl%2FkOJsV7rBzTnjvGOSWcjGdPp80fC9BD1553azl42ap31DXpY9R64cgXnyOeC2NKAgqHP51p3SB3m5RrTXZ1veoEsSp2kWodLgJUbhgPEzfb0PR2bVhEARS2j%2B9%2FUEHma9A%2Fv%2BC2msSprT77nunNOmRpAoQbb2ikyhIVmGlkOY5typ5elvRx10aQf3G6K%2FlYre2e4FoOABWE4ePmIKJunAy7M1%2BveQmifTiLQuf1WS17zQXXflcsqg3AaT%2BQfsjR2aDFFQxz1PSwUEFDMq86Oq08hkTApcR2XMlJZfSmypWrHCawPD7GncJvpM8cSEyMzML1KRyajemfsbKjX173Dzd50HxZPQuhd4Z8bIBTEX4FDj4uO4Y6OdWn8TKVlvnr5Nsuc8GZtUXlpPvVDYalOZ%2F87Ay3GruVtZ0a9XhvtyeXcl52zpx6LEvxwOG7fI2nFtIM0HqXqhjwJSfjQygJIcnuQ9MQrcG%2FPbbZ3UXqCf9BPyREGlPmE%2BRmKhDgNWyRBQ3nakp61guej4TfO0Vvtw%2FMWuV65uKfYMnpI9e54%2F17%2BZ%2FzoClbAzkfZwSXeR8qBRWgz99TTUOy3Y6hJutz53pV7NEC98gXwoixvk4EpWlcv9yrMsJE58ly9j7zPL4DZb%2FgBFTu0OOwr1PH1ixKaFUBOjSH313hkI%2FaVz33qlRudgW7Vmof382lRmX95lfO1ttKKpessZuBRn9CUo0qOjEy1LTwuagR1I35Kd%2FrFG9SfQMcQzES477wEXHLQ3%2F7S1d3CzucsQ%2F%2FohSv7Zzyeabb3S1PwjTFe2IYfpsv%2BS5wgUGQ5CK%2B7q2hY6r%2BAJonRxBDal%2BaGi%2BQZU46t0mXu9NqRj720u8OHGNrG1CR05PRLH3o0w4uLG5WJoCC2mPgc3zgUcb3tUF49z6Ke2L3xyWXN4%2B2BZgijvz%2F%2F6M6EptrB8Puv1DaUOjSFCf72lQ%2BD%2BGS92OaL7n0wGLVbWbgcc5M7Lw76xRC7CBAgyunvFXCmtsWx8gLriLHmMqZwu1kO8L3%2BBpEId7DvHCi8ThjNILYI26qoi91%2F%2BcGff9jRtaoVFATr46OHW%2BYVcCF9zpxmctE%2BNKownMklJSn2bzYkbGXd6tQtSh5QYx574fDzO8l6lmhwJgQK97SJmjtFrtaLVbJH790UiwVTO6asr7NPsBVnNZxClu7V%2FzV31OPbuV%2BJKlJsQ1Lpfw%2BImIsZu23jtE8vj%2BT%2BvZIcB4MBCZXVYkHF7xz1RFCfW9OQH6cv1NB41xfQ38Nb3KUCWiCJNUlv7Te4lO7dm3tTgQFapA5tqJqV8UI9QccPS3SrXaBkizPTDtCMpTSmONYkrCrONzkG%2BzWfG5idde3ZX8IBLZA5Wg3Hw8AIylpdMFFpHKW4jwf7ZQZWSVxIxQpzjldUvJatniaocSxoZGZGZJ33Ij5QQ%3D%3D&s2s=1
Title: Eine Tasse (vor Dem Schlafengehen) Verbrennt Bauchfett Wie Verrückt!Tipp Zum Abnehmen

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=wueRH5%2FD4lewYmXW46FCC3aGGU8IM3B1hlHkSzf0fbEfA70OgroMuj0JwTE6%2BuIbARIcEJikE1670boEWfiMMvODET54CmFm7xj454ypEMWGqNG86iBZlHcjGxspefXwoRvwdhFqK1cCggqODv5EsiDd7teCkQjYS7Z%2F4Hs5mTmgolqKv6XVo%2BlYzEd0tWAOX5ToL%2BELsyLwW0TtgnG8hlBu9C3uqVfLtynzpSYt2WhGku4h8DWVsXoRBxJoqHdOXZUj2CUeTotZfXsZv%2BmJuye%2FG2CArZkJOGM7VPRQLE0MoE4hM3W3m71MM%2FQXVWpISLDQ7nulrVdGVV0yUB%2BCQKtIH430GULgT%2F9O8%2FX%2B8xV%2FDrFhRuigm2l5up8QDlaFtHrzixSrfcazhW%2FD0ZPk8NFHYMrCw77YlzQpFsbHmKZyf%2FhNIrEB6GHske9sZTdycjHLBIzAkWgFo3IGVzE6QeqgJe1kx89slp9tyWBkwIGmec%2Bn4vWgnY84z58Mtu0RQeYmgtPRTQ3Yrj7hriUsV7%2BQA1AL1HazaCnyFLZ2Vn%2FfRuZlnwbNQ7dkJ%2BrMSKtn88tGfIxfcmjMTYkvqS%2BaPqFa%2B%2BPwZFuS%2FpeAYUXJJdlhINY129uQvEFSniyBJkxk%2FaI2%2B6ytVih4a2cFM8FUqEi1%2Fv9RqJDgwvCS0nNCRRvqUC1BAB8CI2eNYQqqxJpGt4siYBaf5iUkLLl5QpUQXRe5wkJAAuCV2ofwhGBId8hZXqZ1B%2Bp0gZ4YYOEnbfqgCdKCiuWb%2FIJp%2Fq36XoWT422hsv4SA%2Beq1ej%2Ffbz9OHAuMKcxJf5qahQmLckeNUrodfwlJhX1tHaoUklJ2ClEg4jABo5wpiruPcfjK3iJ8Jwpwz%2FxRIgTlCpiGsHlHZmFLWnx4ZW741ZDadNmp2lRe%2B0Ip3AfMPJIzv0NOXod2sO7kpqjBlQKYfxh7DvrgrhnYAQeNJy8KWooHSNnXDRUgVCQX7G4DVq6iWoCh5SJUmKS42qbdu9bSlF476U762Xp%2FsmcDzapgjrV1gJbYTuqyXfYPE19v8cODxObQwSRrAg2C32X3%2Fhy3nmKYY4LfGVU5DvjPQ052xvajjdxL8nobHP69QStfkjbcALv0boffqsFl5ehP45wrctHcv6ZDAkG5wY9MXGO8ww0USOlPRQX7W1oiVCacXki34opURuE5tMBmJOyFsTIWnduAGsyyvOB0KzK221kxT1b68NufR6puMpJqXnN3gK17VBUNkAxcSlM9f%2F4wf9XFXi6efGWY5qfu90NsO%2FHL0zLTgbN5DSTU6iveSIUz4%2BQXTiJuogNtKcgCP%2BNLgYWzGh02MJwZaX7iDMW5nTfajqqmAPw87nalLBdyc8VnMnIIJTuT8ECRFEo6NUbf3oIyjsqsSq4wOw5OSZgldtbVEZ64XD1Kp4OLmO4kf%2FbcR%2Brd9iF4NUizY9z2FzjEflzChBs1Ot%2FdX%2BF&s2s=1
Title: 1 Tropfen (vor Dem Schlafengehen) Verbrennt Bauchfett Wie Verrückt!Fett schmelzen

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=KhfHJocwhFILsHU3TPfyShnDbrsJuCqONyVvPYFvKkI9f9DKGSgmpqfdxkqZqhFJTYwU1tBdQ%2BM2ZNiPF3FqQ5R5dcFaJEcsv76B%2FdSGTSgosh%2BwL7ILXqro9Wz4lNSK4lbBStKY%2BiPrtPdiO4y1DFDPmHPhHyamwM2eTODy%2Bl36Cpsm7%2F5Ku02NjGFRQaPYSrlVRusF47BEJV9CT1mRSCvUG2tkZBN4nuatLzW379JedUNki4Oc2tuhIsNsAHxk3SK3GeziqNfFAFJVhWYSIu%2BBjh4vZmluMHwX%2Bw0YQB1Td6LnW03MsXXepq%2BWVeW8mM2qUaAFAdNcMRQjR9NRACkeMb%2FObw1t58sFt62jm1kyQXTlnFxejKYM%2FNqaRM94CaZgTShnJLoLnXvOYgtvk9PPOkttscgqC%2BpOTM0LSQfCg7UD45yMK%2BF7HcdgOVvfLJKMu5LbOvkzI%2B1%2FRfcfSBtP4N0TQn%2BBAP6FDKLL5oLcO2TAfp%2FeQQhuR9uHl2Rroe7ycqA1Z1l9V4QUA%2F%2BtFT8Klf6vKx6YzsoLqRu445wjCR6QaeOBOEKzcOt4J%2BdGrNGWEearVYoawTPcZUk3R%2B%2B8aATkjIQwdmnk53HwZSFd2ne4BKWQaz%2BCXVb4YxCWu7q3acYC9%2F1AJNngVp%2FVDuQsfHkPwluBPMyIAbnDCbW71NOaTHkoYbrmUu00ixrmbWU%2FgeF1ILBrJoWaZR8mBzlWUNATj%2BY2KgRwy0RoNGUM%2FaU4sBNf2muJsQNQaKRokq6CFajyz9gDEDndhIS57nLfotWjOIpd9WibXmpOI7%2FWRoOtlmnPB%2BUUcXzha2YJro0jA3UxcvuJHt0%2BHBaUpn3Xz5F21ljxmXhQTVMjdoLqf872dG5RNcf9mYzhn2anZGj6Gx6V8M9g1Q%2BidvXgo7D3EkU%2BS0%2F6RIZQ40vWDQPUKgiMebkij1XEWb80rZvrraTj6taZr0PX8MxbzvuVuSL4ewkfh9xeTivfb0MQ8wnJIdiR%2FplquGPsNVTgaPFrwLDd2Qb1Fm56M3cnXNm8%2BHxq%2BRbE124afV%2F%2BuqhhhjThvLl3%2FJ8jCDMX93%2BwV%2Byu5wDN1Z%2B%2BSvGbhbSGPuoQopMsYTbYUmIr1LhpsSANAlh977OHUjGzfDAt%2BUuCD1r9vjU5kTexa%2BFok7Rp7HBp%2BrGfj%2FESJVi7yIbPH7eWcr4omOKz%2FwjLGol5p6maQttYxgSVm0htSVDAyZv8uWJvTRj7Fm8HmfjvbkLDHuweNoQwz52q1o1YQfiYyEO0q6GBTHfLMIIvhAkMe0qNtC0510BESe0hG7K2oBxUevN3o%2Bvg8MXf72EGvNv2mzWfMkN97cxKXCQEM%2FracuP98gof1e1XZeUKlZc6ThfYRukI1y3ZdqEscDkFQnyHCMcJWBDXxukQCg6xVDqL5cI78%2FGBON7rWg3s8HxJlDb%2Fx2XsxZiNbAExTvu95FvJ1pVY8YoD&s2s=1
Title: Eine Tasse (vor dem Schlafen) verbrennt Bauchfett wie verrückt!Tipp Zum Abnehmen

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=5YBV1O7z200%2F736i06HwsvvfrwglSlHdhRRWyZFvvrc8PaLp5hUVmfnAQ2bVEJENaI8O5PgGpCeHNPFwLn1PLRvBAQYmofH66%2BHaRR33tGLyZ5fT%2FNNH9IhPmsxF%2BH%2Bkd%2Bf2SCU4EmQ%2FcJgf1jgsGcLrKusqgHjgYJq8c8nMLI7slL4OruqOG5BLMHKHfK%2BZSrnRbppPEzyoRvX1dI%2BRgaJ5Xm9Y3vaLZPEVcOagt1iL6A6DKjfprFZ5X21TS5%2FWRv%2F7Zvt4prVvsR1WaQfYJwhG7HDDRlB8pqQLf%2BYsYL%2BSOSI1xgH6hzyMt6arBie%2BS%2FRmyZ%2FzTmVq03MWN8tBMK1h7y0XeqxplXjH8JRdiuMuMrglzCbfoBAGA%2B1dLkTEGwpxm9GJPXpUst3QCAa%2B6NYJNlYwP6CXwKWNoqjlV5xs9giWYdo%2BwJWdOzKE8ALwDgq3nR9IWwl3ojRPboVUUhwYb0fvNJ3vs3GEnXwrWrgS0cCgi%2B%2BrLZSRG6p%2FS0PZZe4mGQtdGCq2ZgeDYAeYCtUctxijHxqxxvdfc3vVbkgzeCNgJEF8weJ2TjDVhqxXEfaaS4e3SpLoNqZaJrfbfOO19laXFoyeIdPSVAwfjACy4iMmVr1RqxZCXbNr0gJTAQUddIdFIf1eSQD9OS7ofZfFSfHY2CixVe1Se0veRPCBxRfhNFU2bnM1KfWBj0BcxYvT%2B1TZYUPT3Nz4GwjZtrhvPwCdcbFh0wg3ZM7CKmhARblSLRf05Mz47j5E4T0XBZtk82yutQYqPMzr1zlBaottMgIQsfbf1273o53VuOLxEQTN8WfYbeVQjY4KnzqzpOFXSUwOlnMlhRIcoqUaYjTEaGcayZ0lYNzBWFJmCRWnly5J244qOG8dfX1vxgYteFXmM7DKS2UgtpUVwWibBD%2BgyGbQq2f0LfwFZ2VF1pTpkUVP5Rr4K%2F%2FyPdqHCGiVQeuQ4Om9HNm5Z88%2F21%2FGr6wr8v8SvNjVxYtnbieXUkQyh5IlmkcnpS%2FdP5P8SbJvfnHMqGYtYPxl6aUGQ5LS57mReGdwceHQWEsI22iXDBs4PhDCSNxpk8lfQlOeJraugDuHUbw4i1qU7z%2F22pPOKQuG5WQwzMNNN8kTtaYv%2BD%2FA0COr4xmxyArvG2mInPpuCdu5XUA%2BtLh21ktA16%2Fx2y9jgo9UXAoy4Og8BdljhExyHFe5P51tp8TGIw70G%2B%2Fz%2FcYbJIeN6kY7eYNm6FTAceQ%2F%2FgP2Ug4kmfgicyMx4KdE%2F9eBoaHVtT5sxuECzsXxI%2F0OtomWU5T2c%2BZN56wSWxP0Dopk01h0eFRqee5BBvvkMXETdS8rVuG1H2wWPYt5bGmrZBqguS2oCNYkDZ8A1RIcWNvkIqhCkgUXvtT7pj%2BzT3KRh%2FTSDEQ9m9H6sOcoVeCO7hHVw%2FblZjq0E%2BcwlirTlbcWbsnXyzsH%2BY6wvoA%3D&s2s=1
Title: This Video Will Soon Be Banned. Watch Before It's DeletedSecrets Revealed

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=7BkPIaUIb77QK1oxFTnfHqUPyA27rNU%2Bh4iB3QrOSyu5sFPgWxrUtcOzKSH%2FCSNy0AhBzAsoVHQLTnVWamw0Fard2ASZnNOgNq7BNyx6vw1ErDzlJEfTT%2BLpTWgkiZlLeC43hSxAhD6fk%2FGNegHh1KtaoG6j63dYTog1Y9EV71kykxv6rg97L2l%2FwkyMyOau%2BgvpmkFtgzSZhhLN3pwlkpTDJnAh3IOR9cfxe7ScCLRoLQzOQp%2BjjyRZGEkGChEfhnPRil0rxYV6y63CrVL39EWXnM1kWm%2BR6RbDNwrRM0TvdDoDQymxUVuK3RL4pDLaQ2PVAynt86QU7BJ0fVLcgcgAXxziXP2iJ19D2D2zu2vlL5QQuYTNImOHiZrpIX5nV03ovAHVNWy%2BJ%2FleKnB0ZGgZCeEuwP%2B8rzXPr1pxF%2F%2BvC36ypZYcDPki1sRlL4YoQQtUv0471h1RwY8FQbCjh8v6run%2FXxPvI54lxSv%2BvZQxRy2UJf0kb83pkCWAbx3vjd%2FVDTVSqPFFHFUcCEoHb0Zzt7AxMe7wq1TDpD3bKVvuIktXgqOgrbzMOa%2B4ryTJ1ntNZKNw8a%2FXGDIHhrEWpbMIdQBsIiusyDRhdLQozRDkWD1nhTsLnZJ3glLv4wkosYn3OMDYE%2Fm52zH01aeEXEGWa%2F8yJzKJWnOrlnkTN1TLMjDUAiHJdC29RY5ecMKTkApPWs69euq%2F%2Fo5jBslrOiN86YUFh0nEUbOS%2Fuj6MEOs5%2FUmmXkK%2FAeXcHxXd9L7pI%2B94zDejnFtmwEjoQxnB%2Byjy94VHXfgKuwHxXo1vVixrCZo0RVCNBQQPZPbWY9ni7LRyf%2FufzWna4eBodXPfle6MguXoKi7RmMynq5pPyAOciATgGYH%2BVy2AErrVjCfYUJxvXIMxUQoVDQGPIC1%2BTOFfe7zCpWpZoqhdIGIpGp8Lo7Y3gzzAHEjxLXwIxJ0yuJPv7%2F9m5Qr%2BJlCFIecBILmnVxol6osXzuZS1RSViTkTJm6cPEWfqoI%2FwkWwpXUEs5s0GBOSW0hNCd2c2g4RtUjSo1RMatWUhILYBkInwL5k4MYLx9VKDkT7E8LAFsKsOOp3WeOsdzwtA2gmO9%2FWib5rVorLASqSR%2BXA4T%2FKYJUPFibqSbF2vzgV62xVzhnHqnFqsjhWNY70RxaiU%2FK7n8MPp8B1Lcb10r66%2B6cru0tIjMgWVHt0t7bv%2BPPKtLXV7y76yrQbWeF936%2FaTnODeLWRqCe3UBQC7J9NHt5yWncZw1aYkefaQMLwFiTKSw6EZYaACby5i7a7ezCk%2FUb2b1PXtznTX20vtecHWALofAbIDmQzFOy576VmiW0M1SeToP0l5iL%2FAQSzBtXZFD7X8s0L00HHLQTS%2BibFruuFPTHKdPg8uWnsUakSa9IJDOmHN4l1JJbRJ4rlh%2F6Be6AOSAEAjVC3c1cqvlFXk0Vu4AZwllHWbDcN1OPg%2FU%2FfMsT&s2s=1
Title: 1 Tasse (täglich) Wird Ihr Bauchfett Wie Verrückt Schmelzen!abnehmen

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=MbarnefVTtdWxLLf%2BLbm8cm8SL%2BxlgEYrHgDMQAE2QsD4zL0AFVgDiBXenur%2FkOUQbtYJHBx1J2r2JHylmFPHGpOSacls25vmHyLTy4wdFDYQAuzX5Xh9LQ5Q9Pg7Ht4LeefLcvu9Awu30pRtU1kIMjZfbXOOHg2fJdDxN%2F4bgLlsqG8Bnn8aTRj5mfeJ%2BcUE5nlI6r%2F4yuNHbkcrwalLLL9jYQY9mvkUP9Zoa%2BOVtSfMqItltIiGVCXLicE6mbDxg6H5Qc5FrQe%2FFlNpknIxoqnwlTwrtFkVcxDl9%2FltnfGasnB3ZCwoXkfN%2BHZkyzcjgo6MggLMdcVtUIhgcLJM1%2BGYYU2qXFQEmqLxJUtEKGmxKoxsc6diwS%2Fy3Yai4Ijp3EvW47MfggqEBre15lblrJqfXFxQDKiNKVgxrGFbX66MbUZkngitaXzG8LhEEWTDL5GnuacErDr0EQLXDsKFh2qUwGnSd7QwH%2FKrW3OQaKpql5818CPxAvFa5LnbuJs913tz%2BUr1HhLY3tMblWMMkXPCLP9cWWbYS3HIvuEdZA%2FLi3RKkj%2BR4R2IiKy51%2FbtioSXn8TyoFGB4m5oARxLt1w3uL2aBIkdsE8B%2FkregIMjwjDpaC4IavweSwWKo1VhfOby%2BIEEbUPjMYkeOGaYEeMrg3Xz8Zx9JF%2FfXc7C46JxUD7gE%2BDiD3c2gUZbQsnZr0ItzPeJ%2BfL0iHIjsJubKaXH5LvM3Nkw3YvnRgWXVvnAXdOHemY%2BAWOt9iXNk%2Fqd4%2BbuOdaHDqxFWr0qFKpeJYq%2FK%2FxlRLg0MtIEjldyGcbsGW%2F0u04VhYcZ%2FjCEkMS5LhmZYpkpXSoU2u4RoumYoaPRCLQjWIMhMF%2FrpEEOgPe%2Bi4ne4KtwaSTbWGUDDpIm0pI8fZETSYXQlHNEWkStU5TlF%2Flenj0%2B5J7hANc5pq2IUfAhuOuWYN8X4gHb7ob%2Bfta3uKyY%2FH1TvTBKU5bgABJlGNh3Fc5g10OxafGFlKUGkUk39ZKkq00PqkA%2Bh03rPI5ZFUridcya4AhwgCxR6rNv4Uch%2BHte83DGBMkN%2BcpDLdDhKZzoPJ3pvQ264k2PuYU%2FH2bb21fV9mj5Ias%2FS%2FtQOPKiE0%2BfUwZU924wy5yTMEvmhibLla5W1ay9ASb1DEB0XOFKldM%2FC%2FXqToegTyNhP%2By46bv%2Bar6G4OdiWa5aztEEvZytJx0iQYNCEveekFqqC1x6pcTqdeR6X16st77nja7MAEcdCU0UmYZgjmTeDH8KN4MfFP2%2Fa4iVTq5j86OqB%2BdWiFA3x2Kj9VXesuitCLXY6ntXHjsF8fEQfkxjsYY8vpq1rmAuyhSg8Td3BIaS9pQ9I4U5zCNvNQfBC0tF16Z4WA%2FbiRtvjOclOA8PCarT2UjRuDBsLXfvlFvVvez5%2FsBwCVQYLEAMb7sajmbCrVrZfjjJroXpQBQEUNShKbpw%2FAAVRAVGrc2OOKiW9yYfSMkBA8GC5l0ZigIbc9rtww%2BZJ9f1z6keQpqCbbKDvl20vH2nGbrFzy1AInoS3VKchA87z%2BYjBoST9z0Ze9%2FfBDIvJGut6Qn8aqY5flYRHD6jpy%2Fpn503KLc0OC1RuyXsJtRHqIupzArnrG6exMWOZnP1ZK1kM1t%2BtNxW9g%3D&s2s=1
Title: Do This Immediately if You Have Moles or Skin Tags, It's GeniusSmart Life Reports

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.sgtreport.com&utm_medium=referral&utm_campaign=widgets&utm_content=372834

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/8-things-to-avoid-after-a-breakup/

Search URL Search Domain Scan URL

URL: https://brainberries.co/de/movietv/die-krassesten-weiblichen-tv-figuren-aller-zeiten/

Search URL Search Domain Scan URL

URL: https://brainberries.co/animals/27-cutest-albino-animals-in-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/de/interessant/7-dinge-die-man-uber-das-tiktok-paar-coupleontour-wissen-sollte/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/10-teuerste-flussigkeiten-der-welt/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/8-once-loved-celebs-who-are-now-hated/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/7-thailands-most-exquisite-architectural-wonders/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/10-most-gorgeous-90s-crushes/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/the-15-longest-running-shows-that-currently-air-on-us-television/

Search URL Search Domain Scan URL

URL: https://brainberries.co/de/interessant/6-haarschnitte-die-manner-bei-frauen-nicht-mogen/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/all-friends-thanksgiving-episodes-ranked/

Search URL Search Domain Scan URL

URL: https://brainberries.co/de/interessant/verliebe-dich-niemals-in-diese-tierkreiszeichen-hier-ist-der-grund/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/20-surprising-facts-about-the-big-bang-theory-you-probably-didnt-know/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/greatest-countries-in-the-history-of-mankind/

Search URL Search Domain Scan URL

URL: https://zstacklife.com/?ref=/sgtreport

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/id1502568407

Search URL Search Domain Scan URL

URL: https://www.organicanaturals.com/?ref=121

Search URL Search Domain Scan URL

URL: http://www.preparewithsgtreport.com/

Search URL Search Domain Scan URL

URL: https://ketokerri.com/sgt/%20

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=b8Nl5%2BpjtAsX5AEBZRJZM3rEDEHYgKT6FJKSUuYPIBaprU6XDY7ShLclGKnSzxPDax%2BqzaB7JclVPAcHSst24wyg91uTs7dLYF9Mjav1soZ6ZjEYwd6D1bzXwRKCWmz4V3jMuiRNle%2B%2BkczmpuXQCZwdXCAZ%2BzwVkbXbhukpZjp2QmeAydlToD2JK7IBm5CmKpS0yXU3n5fXtch9nhKOOuN26FWrzWPN6mIczer%2B51Nm9jkARkBy2ONiMNaOoNKINCkgtYm4X6A7wWkch2GgfFzLMcC9BUNOHJAO7VRTaHw3QZR0OCR2utIccQH8AkwRMvh%2FfC2N4bmUlFSr1OCE0tEkN%2BkJ74wAmsU%2FECatBCY%2FLDtr%2F%2BacyfQN8O1qb88fFrTlCoxsAKO9QPW0uUoljeSJ617%2FampIHsBvjfyAFiCcLCGoAwNAhH5Os91BV1CBK6mykGG1hUgbjHvSIbXVK%2F4YqD2ejR9CKQntzKt9g1P6a%2Bu%2B8HY35UsGE7xgUu%2F32cO954dej0Y8vw%2BwEc8DYG74LkTQ46DKp8s9enA6fpqePIZVGxrx0T0%2FpngooK1CvYMzb0RsusEnLpaOo%2FQaXp6gYBA8Z4A2re%2FW3MJt4mLrKIKRSa4AdXXEdLvLVaWdEgmNFdGlQOkWikTcUHq5jpWYIRMuMfXQIA5Ag%2B2xWUJcJHSUTd4fY2ORqUbXnBOaL%2FklVXhAwXa%2FRBNh9Oax6AswXG4SIMIklqwf1NeN1Y3yyFLGk1zlZ8wv8bTVdL1DU0IRj4pXFnf042ksJIV0YekPnYnhys7e4PgyvXlGxTVgnhSw5AgdpeBY2CJR%2BeYtZLK2quZlndKv%2BBmnd50ZtThp2U2V6S6vn6Nb920shvgaDU7%2Fnx%2FhrULjkhLcCQizQRF%2FAOjrWwkTkhAQJqNRYmOpVMqfHDIjD5n9AvYAwG7v6Jq2%2BysEYhejy5v8oGG%2FmDr1oGhL%2FnDETfwLuYMr5XL9dmBn2jxcReHv7Tn8Jm7NU3IyBcM8hqh3U%2FuvqfUo9MIVa%2F5QK4l910r8%2F1T693nJxO6XUU53AZx0S7yExBBt7LqIChxTIPNy7OlKIOJtYMp60ONbXZgdE0dqQHERGyKkssVMyyy%2B9NYOr4gddIiZZZ5BdwSDK%2BrbbJqDxPiQc58LBjVuR9VRmqM1DFFiAr%2BOy9pruDI6%2B46W4C9sgsFUCcD%2FtZ%2BUNNz4ZklOgAtwcLVDYG7teh8%2FetGd%2BBg9ej732Rv93UtPYpMcgNfssBPivLRfHsnl1NXqUINOKNcTnTYXP9PK0%2FRM%2BYf%2BZ3xY1xqcWwAYJYuelVokJwHRVk7py%2Bxwub2UvzQrHpKHFhtY50FdfLduE4w34fYP%2FZo7msrgYAxsciT3Qr5Q7Mbkb%2BBUDfaEMRPVpRrbx%2BXZwJ8yk%2BUizEfirx%2FZmTEGVCFV2cMvrNwdXgMBar0LJcNU%2BDN%2FtvvYz%2BBy9iX1qnN0Eioj9vFIMsJBZrbf2WK4Wm%2B95MCm6rWwXn2hEE0jpJNBerzRDR4JMtb1ppD83f1RpIwH6ZhgFG1WlDdgUSCDkWW15BTQ%2By8QFtRA3AFDvBN6wBsixmFPKnRY6aRuZyZ%2B5JDi&s2s=1
Title: 39 Completely Unsettling Historical Photos. #13 is Chillingpopcornews.com

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=%2BC%2BKqhKRPwVADtlfb9hl%2BDmd8gvXcH9HbUkEQC%2FXqFXsxBY0QiBW6lrXmZsCSw9kO7fR4i35iU6UfuXwm5eUP7uKX7r06OEJZp1g1hR0%2FqweYnozihHu2DXLY4ojpUf5%2BA4gLxpuJan75Uy3b%2F9s%2Bb8peE0lU1LmgVTF3dCxZfW7bQu%2FvZqAyBCBnhxfJIjWa3ZKhayQr148yzqKewUzFrb1v6O4T84rDmf0L8BNGZIrY2cnvzS1sJfoSJ4pfl0dvLMo4zCKUnWHgWdJTViwBFW%2BBxtxysndjFnzusfZLdCTAuYVJzjCSn3UuFHAVMc4BvUmJK5egxqwy6akyDMmpOYoLdV55mIhj4vhHd8C2QM7qiKjFIRuBz1VHGAR9j6FWhzbocktv1YfFCP97p4Pt4smuyKwd%2BvbsxwuuI4cUwctingWcu26jVLp%2FehRx8X5tzTdkxtapIZwxhhcOpqZYHdV0aZacXLJKl4rFOQJYZudzeUr1iZZssju8uqWI2%2B1bYZEA%2F2%2BOczbUA76OMBB6neq8m02xZ%2FtGm9CFQD9mnRLibDAEcTffsgD7%2FBx%2FA4LVfnkE7QwTTZCxn1aYvj6kwfLcKK9O%2BBowFwdYZAibxYYv4qWI1tMLIyCbptjgSUHhYH%2B7aU2NRPWTjjEtDphMmwy15mmQ3slU8HrjA%2BopVhFQwcEpr7ckVbDjgvIkwXwsp7Ox5TiIA10Er79DumsgyYu2SMrDAYRLs6tmn%2Fjf9y1Q%2BwAAu0JRArfVGP4tkViM%2BpwDruOvD65MJ4XLGtcAJ4sACbw4sK1xmd7x%2Bj78RUyI7m5yc8RJZCdv6LYJvIKoRHKI0GDqoaunBjf%2BPJnRQVn9RhHKYo5qpHgPQKkT8g5NR7ca0Xczqu%2BadIZip6ICIyWdgunhvV8L%2BDePx41Jtnm66XLHlP1jPfHCXozx%2FmHt19sAE4vlxX0R3yR9UecCcIBt05LZGt6Uc0a%2FkEuIiCiBds%2FVZBshq2uVZte2odQ6e3iIl%2FW9j6Uif4Wkqs%2FQZHbQyukclYyrCjfBDVoMEYo7X6dHEdCaIbhuKNo8hDobzMPv4F8VclC7yJ%2BOCWKpKQCfCZ8ss2FF%2Bdbmryeanzo%2B57swBoZrZopqQo9xWQDheXHb0Y0Q4hEN%2By6%2Fy0RebTPyMpuaXvFbr5mGilonm9n8qCfiJAkLOUmngwMufHWxWneS9Wtgyi7GYBbIBnN34mFNv8Kr9wuSGFyH2VTjRmtlDlZ2TqodoaPD54TVqIGsRKg4JFgnc7JU06CW%2BgXu8xBKQn1CUST3hJPfj4XykDSKXsIVzcNtnaprJNENE2NcKLzSc3wNjf2Tat7d3qmGrz1qImy%2FV2VdHS%2BmBdHr0svFsDePjeT6NHkOWVurdzwFBinVAFFWALHHu4bmmO7lfrwD9RVnQGQ%2B%2FKBFn2Gyel3uYO7cMvmcdIr4lCbRie6c9TFMtKVUy9aE9iFJ9Ugd7LT26OgCxdKoVJaBdljtT2x5Ta2x5YpZtRy8RDzE5x%2FDp%2FLoX%2BvzVg17hn7MpZscIpSrki99p%2Bw53%2FEnZ1CuME9MPY3jqBVIN3UDVGVGBvYkvDm6jHTjkF8DSF69QDtI3P0eZ6XCULHlc4Ji6S6YC%2BajuTvRq9gj0swOIBY9NDCJ24RB2L8bN0K6DlWWokc0O%2FYOmE7gI%2B4iQoSavGd%2FIqaxG1W6DeuGbtxMQfnd3M%3D&s2s=1
Title: These Twins Were Named "Most Beautiful in the World," Wait Till You See Them Nowpopcornews.com

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=FD6zOEQScmcRIygb0y6mc%2FrAS7pdCognFXduVEmy656yK5fqda8z29wNt1plYIfAEUlHsHNsOTdXlDAGaH6Z42c9%2FFyPkPEE%2FGXHOCjq3ncaPgjRMcRt6P7zDBCSLHf0njOfUShcTZMDigOvSx8zj6Ak9kxtqVDTqF1%2FhtOD2yQqw55s5xk8vM4E%2BTTtYq2ZMCOAxiltz8QvPZ6ZHLeHhV%2BKF4PfhUUXtp91K9A9g4C%2Bfn2pXdBvynHZbXd4pNnDzdZRllvbmhv8rtBx%2Bry9GZTvQfBNatxpA68Fk4wtCuRK48yWQhUki4O7sMizdy3kGxYzM5G49pxQwCOHl87NVV7WVxx5akuNH5gm7QrxkGuNhHiipFopFNpfpkpwxlWCmvnAmyZeT5XK3eDpfVidJyYWhyGpd8lwqY%2BJ2BhwTf4R11V9dSrZ61%2FLLzpwkN9JyUxJoTg1AWbzlwdkfvb5r7tWCXzZPz6XKDg8v1ephJwpUitAb2GjbGc3jsIu9rvQwkiU%2FCks5Sf2x%2Fk0yZc7kQFu4qqUty9H3Pab0n%2BIQladyH8vveyJ%2Br%2FT8RQwIPe9OL3FK%2FkmC66c1BRpleeU4ApGSfTMRBmiQum5oliIURMDY7NfgPJLESxqY9FujNYrchyiMN0708EcZkYFtqqvfq9jsDnSxJLIYF7pj6%2FCYqct6r%2BTOumhfJb0vK1QUCaGSi48mQWwVX6EFn2tvBwK1vawX0fataCg7MBHOWUYt4QQJRgQpAWMrGlqN7B3SsJ%2BexxgUy%2Ba10DYh7Q%2FmUcwJ%2BLh45NR7oUIYqfzJ%2BjldEKHHETDqQ%2FBGKvGPZMZRW7T18aFi%2F5AGERFAzedVHvblkyKBNm7mXYngwWQ0VlaSTfQW0%2BWgUOj8Z8E6rETVbb9ZHkKJlCKk71dna0gYJwCO9bOjW0d%2BWFBGJ477hGfQ2%2B7m7lVIoPkL%2BnxMkT8mSoliyypFHOwYiEHUjf7%2FV4u9XGDgnlwICdEALjOeTkrFvJBop2qOPgWv29JFmkA%2BUbsO8LNaRYEmrbcCO2wJwW40E2PMhy6ZjSDzTr6l9VKjt8%2FPqP3z69f1yQH%2FAqbIr%2FDgyA5ODxw00vBk3pvRH0bKm1RYJVmLuN9tvU8AuWbuhZNSNyp7I%2B5AT83YFhzqJuwORKlulXv2XzNHnovcuvjvbNJGpGbnTa1N4oontkDdPx3e%2B1IIdsoZptTH4gbEgPQaLssGHhJIRGg8BYvcu4MHzygtkmOTDTOcFsJGmPipcLNxHJ2ciCIa3dbAz%2BEoYvJu5%2FAfUPSQjkq9xDFxkwwZrRjeLEbSsAGF%2FxtzANWD2%2BcsJTaLpil5nbMS2vrByEpcVV1vkumoY0c%2FF1ryrn%2FkDzsftZE3iv7aLcWt%2FpRJFcNysmkOvZ3BxmaTRzTdX2y6LpZ3znzNVd5LndIXbiaslAX28Uky%2FeIkr0p5alOXZQ%3D&s2s=1
Title: Diese Japanische Methode Saugt Alle Giftstoffe Aus Dem KörperNuubu Detox

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=16ivHrD7f3S6LaNcPtEvyQAVAL%2BWK4v9X5qdwD2Oceq95UsKOcZMJZ1DtrNeYckreUibrTKKSlPqlIahaQRtaqgPt%2B0EHfJLxN%2Bzzl5%2FIi9usVL6HSXJKcSldP9FQ1WEgepYnNB9AulASnhVII7PeIrjr8AI%2BrcCGt6%2FddLd65LxGfWaBtQHtGPGc3RlFvfh3KuwDv81KKopa3wEZtyvEtJOQa9cLwVk0ftlfV4BFNwzD9h9coinvSkd9fwsc9JS17%2Fd1HdsbmbVEXcIxC0NDTVF5wMfFiLAcEfv%2FdJ4vPjA5fMj2eU4ViFTom7z6ZMrf8pJyXqDWiCgq%2FdC8m2YoSkLrKGZnb0DGaLV2%2F5G2np9Awq7H102FZy5uRyDIyHEgvxGo2go0KIPPsQZSCnBGZ1wSagpFX84XGNV%2BthO4%2FzaH2X40tSjP5CHWie%2FONyzw%2FNgnHYVsYVx2GB%2F5j43SJ3A%2FYmTc02cz%2FR6tjHOw7Du%2FMMNxQzJ%2BaMR01czgVAyvvuMSAMwYzmJyO%2Fu2YJh%2BfY1dyNbNs7AHA0uVOS8QWgaGXJxx4g4RaspQOC22WitaXaihQcIxmjjm2mBbiiGM0ok0AT4Q%2FLhT8XUepOY7z7sKWcB5mrp6vL1kl8jHSoO%2Fckvd8CMrkWKemPZg6vz5DxkJD7cagxCtXrXs9zanSoY4D09qdzQw8kteCqi6rRshno4BLwSWvrM%2FimhiKr3ZpeVOv3BBBiUxKGBX9%2BisA45mx0L4JBcHorTUR5VQzC%2F9fhP8qRXjKaSdZpY0%2BbjFVPUZRFtglCVvfgDWbKIW7k%2FzIcFKiUwuK09xMQLJvA3ytJ0wwUjiypuaaZf92ccNCO1A%2F3ptidOVA%2FipuoRneygxp2QmlcJIs4xClSRiO0liRXMTNX6fySDqHAcloiz%2FTMFaLjYLmhlpTL5b%2BhypUKJSql5p5TgeX%2FtBBITQBMSbDfcF%2FHhnywTIGrJxFlvCeOil5fSVHD9E2%2FumTudvs8DF2Sr6epafXDiTOeLboS2KYwOSWAdZaSx8KLvLgWw63Zsp%2BLV%2FGCMmbLwzWuAuvnVgByUHiIHgBqh%2Fi5DojYtSdtdoiW6vQDmkuqihYT%2FLlBjiFkg%2F4jiQ%2FhYKk6s%2Bnnd38oVQcVZ9pSpm54JZC55bspUMU7NU4zYYfx6EvXhtUNbN489hYgTQIv3wiZmgGw7VakODUJKd3C%2FwRyG5jfnNyz9GTJGa2C%2BUMrMt1TqFWGU90dlIQ30nm8na16oa8XNZBm3UOj5Z4wfVbzkgTCsxz2PSLCTc%2FC7RmUjOzwUKBtf31WSr0HR5dCPXY6AVP%2FIPx2Q0WvOIPwfeWJ5ORgNX%2F1ioWlwdMilmLWYakrXcnnXpGkWl1uKD9Q69OiN%2B7XJyz6gGxgudIvK4Hz2bJ%2BNo%2FR6unanT%2B2HaJL17lX38L2GpRfc3nynNdzZ5q3IoT4%3D&s2s=1
Title: 1 Tasse Vor Dem Schlafen Und 20 Kilo Weniger Ohne DiätDiät Insider

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=hZwc7LWYXEVuk4lfLpIO07hFjDwDEBZZBsiBMx5D7H7arRBGO85rPVyj75GUxqXEPCphpSzYSf2eQ%2FezEpOmW29Q3iCCNrYheW9nl7EbyZlOAPMY4t0goDdLbRqL6QERX9tgL7Iw9b9RxgAffHan1xA5xxYRtLl%2F7PLvt9gudtq3HOiLvJymGXWGwvlKB%2BbEzsbuJdxGMU0I2Abu0ujCz7dlUBQDUZJlTzM0VvnaLKGED7fm8m5svj%2B46aAqjSi%2BXWDsvnds5R%2BByyauwFT7j57ElyyZ61AzDKtzpbN7tsTLLSGYEHLaFDPFZWdfhBOLxGerMQ16rAhVCCh0LmKJikOudgyHHlHsGhSS6Ad54cvxTO0dNpIwIswiq7SVEjPztcFpK0yjXhBq3qDrTHoxjI7LmYFrd3RZqrQysWPK%2BdpGpFcZtXpFGPZRxQ8os5JUw6iapLiKjmgV5odFuPzU4TspntvIjBo8tsZk4n9rve8dqpZCYFVeqks9Stg95fNlHYowq0BEcefPVKhGDPz8XrzkK9KPENGkr%2FXZD%2F%2FkDepT6Ri4tPFqOChZOg2JZBjF7QPfjQwpsQoP9sQ88fbrUNlaagAh0GisPdOkHYLXuidZhydh7QTVJtSEfajyhH%2FxSv1yTK%2BVPCmS%2FzfsDmFxm3YufgHRASJkKoIfWq5ocJL93FGLH9yB3kcSlQR9K9djlPO%2BC0HtQJrl9Hm4Zn%2Fz%2FGChthM2TbasPGc9zL55veBY8muezY1CbsezSYUX1mQojy1Wrac%2FnMadJjoKAOdksVSDynThMYTxQ88U9P7Jr4%2BNoInUR5%2Fnvupca4blkhPQ0qb50EIRx9N52dIzVAxITLslail%2BpAE20H739FZVPU%2BqmpEWvZVb7b1JFICV1Zj8qixK7%2BA0gYQP8MsBsuTlQL4uqyDOQX6P%2BfTqBu5PPjXlCOECksDymTgqNwq%2FU%2Bt23PAH8C5ZEahGdP8al2LBdS2W8mT%2BW%2BxA7n%2FaPE9%2FQwCrICBJejHehlyKOBHpU9Sy5Rt3zes%2BFfxGetqsWIoHy%2BZMWEim%2BJ7DY7CqVd%2B%2FE%2B7C3niM1Eo67qRBpouc3CixexJq%2Bsj3sFw57424Xg4PCOe6gju6iilVbobe6JRoWJMAPzYR1%2BzWzqlKFu1x7afi0ugXhHqJIwlrIXfdCKKe%2F7lLH3TqvCa3ojkGdIwo1mJC4kgvU2FsMhBAIdVHIaAqWAvHyse8McihZfc8wejSQ8gC15n%2Fv4PHxoiDG506kyzVQAPXidJJvTUb%2BCij1sJpSWmZt6Mn3dCh33dVjfiNk%2BJ1pZFQqFo4AFRtFReLobUr3vqw3Dj8zGIUf5W%2Bff7nJ6WxRpoQYa4iI%2FYeCFF57fnYDpd9wxvwYfzPzkcHoEE97uiSABJwpdjiD%2BQ%2FLfWsD7UcmgsVJ6%2BltF34ojtDGZyzlr7tknU4OaJJ1fsqbVWrjZf0p%2BqPaklJSdy6v9RAwY%2FGqOABWB%2BcveRuCK1O2Z43G0h4GvAu8sZbSCI0%2B1tdCt3WSS7bcy%2B9KxXjLLGe1NXqt1rtnPTp2IQ2Zp0wShM54SfFN8GKWGFT%2B5o5ApOHZva4%2Fs9R34gqoYUypPG6fzeI70dxakL68a01YlfQnT%2FtXuPAxN97%2B12LdjPAeLvBvE8El3qVQKtY9%2BJQdCsV
Title: Here's the Purpose of That Little Pocket in Women's UnderwearNueey

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=8p0V5Ws%2F0qPIhKb76tohoZN5hKYiOA8tB9zXslnzKHPX5nqjBdB5kBY7VSrTwBZgiiQRzcU76owH%2B4u4ns30zHNheosL2dhz6AY26i%2FUox26rOKGF9qGqIDYntWgjqKROc9T%2F2LLPXCITU39ifFLVTC9RUOGZPZu9aIZYKlx6YI469g9f6rwBYMixArujK8OvhrwYT0UOJohKHA7LIh6AlBwkLTB9fz%2BmAFkzQ5uC5G1xlSHe2D1FKSGWXlH0kx8C1sm5kR7uA%2F4lO%2FLi5mY6vHqYB28HrQaNGk0md%2BRrBvcuV9vwOrdqeXp%2FPc3qzIp3WIRsHmDRDcM%2BsLy34H86QuPEgLu62CXlxPPm6M4YOPL4eaWCl3sito%2FQqfw9WZFuM1qxTGqewT99gvQ8T9sUVzT659i0w6XZ5z8MSkSIs8M61KU0bnN503tiqE4lzHu7%2BOM54mCCy4V39SX8Bs6x2YynSfleuoPa7oqqHFpZThUkBsuI38ZBjB%2FUrVRKvEKgCA4lV9LKlE9%2BucN5BZZRtYxivaOGG%2F4OCASboDEKz6GTlZl%2BhUoNhswzbcLwX5dukmvMy5l9ijaAdzLaZTNbH79e8M1lp%2F%2Fykw0%2Bk1fHZaB8PusG0D%2Fpro4h3Ac%2BA1se7iqvC%2BMBj3Vvoxhu0oIu%2FavnV9aOQ%2FsF4SC7jA%2Fi3MnoQa3uOWttp7Myy9Wm3UIA%2BiZSlTp%2B0c9e9yn7gGISUUw8nP%2Bx1d1kaDpXpoL21%2BOpLMoA5fzglpDaZP%2BSJYb6C5e00prNVMmTk2MV1hrQvAnCMcR5cf%2Feaz3YaMhjenB2cWUAPElNBM%2BfppZhzF21xqlLhecxAtj32uQY%2FgVvQadjovSfM8dCAc0%2BigdUTM8Zgd94AiwIPzPoNkUcYEClBw%2B%2Flno5MbESUmZ40%2Fvne6364BTHbciN%2BFZNT%2FFlEfMNsldDIcH1TNOx8ndrwKjToFtNhqWEX7ivH2WrW3S%2BGRK%2Bxs0XKgF9LJ%2F6Ynu0x1DlSiiMpTYyZFX%2FadJIFe27hAV05bQuLgHgSpE1VL1WHOlSKYvIoLYFawC8KSxcwLrwGXSe%2FvzyiY4JBX0WMomyBbNxdqEaktD1Esr%2F3nQGNXgVmUrta%2Faa%2BNTXgoeOK0xnnPHkoWta27XJjKMt7K%2FUNGRDvJemq5sTTpPsAESsZs4eDDyKvGKFieW06gfjeLjc93uoAMpcT2W58OBdfguTsyUBZcwQEmOkFtgsUubLGY3uk5xx6wr2LneA10c6FAuhYXKX2kSCaW6aTK%2FfEld3ksD%2FGKvA3dN5Rf30Sva9sjKRSMkVmpveOREUa9hEk2mrt%2FBTTaHecr2Hb7uGx0Fx3HZkFy%2ByV88zwpciOusED3XJfAkwFfiobTarMfjpYPrbmpk9B%2B7MjOTn4mDjpyT3GzZfmROzoYrlSmf7hYTWU7mzjqt75BiqaHxc2cAnKOVIdlufJrgxm%2BTz3DjfN3Z&s2s=1
Title: Mama Bear Grabs Man After He Saves Her Cubsviralsharks.net

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.sgtreport.com&utm_medium=referral&utm_campaign=widgets&utm_content=372839

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/robert-irwin-recreates-legendary-photos-of-his-father/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/10-actors-that-started-their-careers-on-soaps/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/home/10-best-houseplants-for-your-bathroom/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/are-kim-kardashian-and-pete-davidson-actually-dating/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/beauty/11-ways-to-burn-fat-while-you-sleep/

Search URL Search Domain Scan URL

URL: https://brainberries.co/de/interessant/6-promi-ehefrauen-die-nicht-wirklich-so-aussehen-als-seien-sie-mit-prominenten-verheiratet

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/7065104/64538/0/0/155415694/1

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6991916/64538/0/0/155415694/2

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6661329/64538/0/0/155415694/3

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/7004405/64538/0/0/155415694/4

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6977508/64538/0/0/155415694/5

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/7058432/64538/0/0/155415694/6

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/privacy-widget
Title: Powered by ZergNet

Search URL Search Domain Scan URL

URL: http://www.shtfplan.com/

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=5ecNKGLaaL3vUgqBdS438FTSXO07oIwsif%2FfDQ5ORKRJvu8rdSceUYKtjj6aNV3awdERSTOvPrqCaez3JP0EpY8SHCpdxZ3PQdMP0Nnc8qvvzay6F5C5zX8mSQDajj55VMCEYCQsypHse9xk3jxo4H6QIv02fD4Nj8r7MEWYnLm5WJJHWogIyHngtVy6VfSC43q%2BmoKm44q3OnyPRy1uXy2T6%2BM68BW8edgbeW62rKxIOhKLo5couDqAMlRatGRDOK0VqLG1KPZ77mCJbS1yfq9XAvfft6ekDyC%2B4FeXkEdHQjDY%2BeawkmmxoTt4S2C%2FxTBKtsEh203zs%2FxlO5jB55%2Bhl8j%2FZ1sFFN5NL3p67mXV0t67MJs%2FdjsC4gBf3NkTXa%2FAZv4IkeeTEc4drU%2FM6pg%2B3yESU1wzV38CGGHu26Z0j9rXhpyXsVpPEGhrMQ09guf%2BsQOAVT0gMaZaXvENlWUxmzdNMN4cs83TIzcHsMcuntNfhHfI0kb0wd85Efyq8WoEPkZPFRJ45AnPnmQgFQ6uyoiEDlXeqlPqWSsfH0tgK5XhZEI%2BcqLipqiaBjNUuOsNlqQrPdBlihnyZiMUhJBYRXaotT8asJDU2%2FkgRdwbQasin1ShBgWuIUky4AcE%2F5TMACaIwSJ9KRYKLQ0FzKUPrteal7r1jykzxttO5LoqKeRcL%2FXlBQgdxiEwz0tzL1xAlS0m0DMxQix7q68ZI35TGU6BICyfB8WJJcjc287VY12Mtp7466oy2ie6q3HLS8uApDSQ3QaZt2UXdEGHnlohDaRA37UQqvgSfJ3rEXTpcfdCfmVTmxRUbfj5iuvdY7E4dM0FBS0qBHhHHRus2lGRIw0%2FUdg0zAc1PNPjEmpyArn5YqAiAA0GctdNvGt9mbg4eMkriRJSQu0CU3BodAxd1qdCxBOVDsL7YC9lp9hqC5BBi2ymEQoYncg6hEp8lwVHpu9H0fGbLRHstCV1s6LaHo04CAcKkX%2BjOL3MJnF34ap2pWl6kJqkRXwN%2Bgw6MilyIGsm83o4Kl80z4qyAm4Yt6StQIQxQaFuYcTL%2FLUxErECc8sPQTPzkZg3bHZifuSjDbMExTLZLOHmccyck%2F2paeImyR2kdziwaW2N%2BbDxZ8mEp2YCFmP7%2BMTJQQCnHRfC8F1aS6CDe%2FHTWMX2BJt%2F%2FrONWjqNaySfGCHdTzfWvl3iWVL%2FtIPOf0TkSEpJF6zygZBNAU3ANrRGUusKTPrahvwQAeDYDwpaj%2F%2B%2BQ2kn3ZKD61OLKI4VKzXi1GGzL%2F%2FsRzol%2FdPsJvhHlPZy5PQ1GS9aI982C6mo3yy17Hspy1UOvlr5%2BETCX%2FSakaht%2FTGGpn2L3OF3ZjFurQdUNwamAHtGsUvmZwBEuX7UtNwsbkC1hiKbwhLHiAECxbYKLoLWKOdoZc%2FgvaGBcJPGnSV6i1nx790pFg%2Bb82xIaD%2BVp7Y96PFmDZJY%2FpJTIRxx&s2s=1
Title: Eine Tasse (vor dem Schlafen) verbrennt Bauchfett wie verrückt!

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=UVJ9reNC4mmnV%2BXMXueCYFcdwPjfmAIYpHQoGgEhmJ1GwKYmpQp6ZoZf%2FYJNQt6XsVMdBB7aOqdGHSUvPA4cLKYOvDob97tsNCRslZ4%2Fv2%2BlS7yfzF1eb%2FiG8VrFOg8bjKTybHITlW3rBemoQk8AwihMe%2B7EcuUeszG91eHIUdL2%2B5zdDZiiPUBSyZQTc9Pw%2BGGiAHN%2Fe0gChSZZUJkFM%2FUohULMGYYPEgpHxOnMhDwGlUWHh4blbVwWo3bQLkXF4h9a7G%2BnflVS3SoOJI7p0qZoZHguUnawET%2F4K5flF31KY3OJUbSTeBEgzbwBEOaSmRmwq0DwK7K%2FYosK2Tf0Q5wTYCeRBqQIksYD8C9P7OkH7VOh78Fsii8wBuxiVF%2F1XSbiKa5y8EErWldrA539t8ZxLu9RcuS7yThIJ58xHMqWuBuHLfn6K7j%2BR61VfhLzC%2B6aB8HvIsDjU8yssdKadwo7mTUPwnArZ5MZkIITn%2FaWXvtSAwOlrMFUeqPJfEt9rqJEi7g6M5noivhu0tOPta0iEYL3gmv3zswSOwQ0VyOz6LkHa%2BmVOsMwf%2FYf0Mp36gKH72rhrzJrjBqSI%2BKUE%2Fy8pocJMCzMYkVI1CB3hIm9IG5ArO%2FO%2BTcToRZ%2FdJbZDkoLrmZdXvqAGHw8gRUz2Q9YYsDKwcmVLr9ds1eg%2FDJMBkuB77TzBiN6z5QVUYxmi4La1Bjd1QI6aeO2KKSL2%2FSrP0Ix%2Fd%2Fd6VIEPCZmdrx2QAQE2UG2jCmBx0OJ%2F0hQfP9nIIyU6ViwEyzbGPQTus%2FzjKB3gWzzQNPMjkTFd18hlzlKCfYyHcblnbz7FTAP7dXWDVaFgT2arEhOB%2BCHg8AdWAQqPjl2ZLokH4rYwd21n9wbng6xve45U6dnPBWMrGxmOJrBWqmKTPUyj8%2Bq6GHO3Cx3WYdLFGlKOzqocb9SwFKHGGHlax6b1ch8GQ07NSJXrfNb1ANNhUedKrQjWXuo75PbERno6T2iULUyilGSLJVqMvbo8ZP8ATYVjDeCRYWlPfAGRn3aDy8yO7I2Dt7ld2Fnmvv4UN7ningWeT8uXbgcloclD4ljz9JKBq5nHFqy7zUYDT1hQSJpgbeR3Ud9Fh4XwOQYMhuCnh9DLw0S6YoQn%2BfzeS%2BHa%2FadYciCuTc21GJg98DOCds31icR6yejTVTw7N7t1HUQVDp2zM0EqH8cSO0ZFrsw%2BX3b2bwefPLSE9kiPb0gXBVNZmo%2BEEP4ElsIx2B1wi8jT9E2tS%2FceSjSgBwd0DP1360x6Ba49%2BjR1WCFhWDjb5NBv0eEuF3vvXp7q7S2oDU8toNBtqB20LkXxF1HgbYJPnVoz5zZ%2FKg3dBB9KYxqFWE5TBRdXIY7qdrMqF3dMfiSjwzUo8W1VGb7dwProwH2js9c9YUkw8fPpuKnkfX%2FP3vXAhS7smxu2qq5kogZDHCXEWVcYSxqOq6IL47RodFc0LCnpUvBlaeNw9bh5wiHH3%2FoScLkGw%3D%3D&s2s=1
Title: Eine Tasse (vor Dem Schlafengehen) Verbrennt Bauchfett Wie Verrückt!

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=QPW15TbfX6VoeIDRm7v1m4WsvwnfDwR5ismnDqreYxED7p49Uh6HKq9Cldm6mZi7sw%2BUy523PfYzWKX0Ia3z8BlJUm%2FTu6cozdXuGWVRQIQbO55W4JvV1v2EqS1EMq4JmRZ%2FCkZLgYlTw63MRZsMb%2BFCNOE3j4hNBa5yCZOVTQ%2FToemapNh8I%2B4DbvmZtYwBAndNFK8nm%2F94Kt7OH%2BCjUzSxn03x5NmIsSWXeo%2FbACTasSiKiXE%2FP9y9rh8N0w52hXeNIESnzEOrwiIWVeEKPh0HV3P8fdmm1JoSnzcFeUxOsg8y677yVL1UQNQ7CXQxO7k4tKJGy2yWgtlpLVJwkB0z7WDw%2FLVXMPgWxluOy1CYKeOnq6QIv%2BlQhV2LnbON2TsHLH9jgo8aYHN2oN%2FI6%2F8eBoi71AkAiSpHwcMjL%2FWue0%2FFvz2kq6o331tIGILFpNVUPi7MrG%2FWi%2BQ38LPt2G7qu8hFPhUFV1OyCwCMNPCmyHUf%2BGTo9xlUWIxkV4XQqBvghuWLEhoyOc871Z0Bf3NL68%2FqJ3T6bmJ7XUDspynOlgLPCv5n6LFzSscZZh%2FHsQiHV3cntm61bmJLVuuqiHjMgQrvcJkq8zhdZZ%2Bwn2x9chC9AWxzk30ocI1QbQLM%2FAvZB7DnY9tE51g0bp6iWy0a%2BY9SRZXyJbTjfgwGqu69oIxW2yu8L%2FQ1JMtD%2BA2%2FvPNGfGDt4DobUd9BGTAcPH%2F%2B4yUKJJUwO%2FhYEiOvGQrgHkAoTghVKmpYVF6Aze0Jrpg%2Bs%2FSML7gX0A5G1OvfFsga6ge4fJg0ziF88vspi33NfYOccBYqG3NWR39xoPZkj56lhuiA7hX%2BzThMv9SWN%2BWfyEiknI4cK4Ypne59MKdF2ZOaasHGllGnqkiDtH1ufUJITGjZFZsHiCL2FkKlaFgCQcr%2FMe2bSNYi9yc6NJu5aR2Pg%2FekAPNQc%2F1CEZCZYRMFfuWzhqddmWgxSuHrXUvWUTqF9cFG%2BBi2XgFbLARJia965JT0zTRfEQaRXMQ2iCJ3kOc7GWiXAvqzEnZfeZQv7gxB4DNqrQO7Ix98vFlwKKhD7lj%2FmMHT%2BEq0J1cxgdqO%2FDe7GixgVj9YqSlXY6Qeoy8Y0tyKoaQfvzhqcPIyTK%2BZjyP0tggvQOEOPxGYWM6kC7z8HrmxOPNu8SdPWwK9Ss0cGzuukhmkxPVH0G2xKEbtmc%2B57%2FAt1WZ82tJMmvnN96UNF%2FSqRxzI1wKRXdH3RIkPVU6cjK7uD0SBb5OpxbikRO6FE93bBSEHz8AQ8YfdEdU3zRlV%2BdwlKzTHks%2F4phHL7V70UyMSxmFaNka%2BK%2FUd3brk%2FQwyv4PaLdmp39%2F1sTunAkWTwSOBK%2BGtJcI%2B0BT1ATbFfKkkYrNTrBTXSLld%2FTuvlSHQUPQcvI3XNjh4sRMMN%2BX8S92t9h6EZj%2BBN1JRa2broAJreNi1ENGnoVYBbB6v%2FrPEoIqNxnnG&s2s=1
Title: 1 Tropfen (vor Dem Schlafengehen) Verbrennt Bauchfett Wie Verrückt!

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=zSJ99QwmWdB00gV6QjuUSohBzMDb6MVlqRdwCGiVNTl8fHIQ6cClaeP5uRkxX%2Br36UPU4Rz679x%2FbkhwyWMu0VoIrVu00FUihjufrvPhfKixKRm7dmV32wUyKREDOFf71%2BhObWrUlCrcdbNFCQIl5fkwOXxXGd35Ra%2BGZGHuU6To1eS0mgcoR%2BykLu8VXaOHoF2tPX04SSjyXV21LX93j%2Fs6x7O9XhCtUOHw5EXbP2per2qddqBxuA8112TDGqaIlweie53IUTSHfzuyhG3OmBKxZaomLc9jdONT%2FG0q0bTq6AcHZFjCJgToD9USBcfWFD%2FlgJKY1n%2FGCYhsAbf6COwn8QsTyuB53n3wpZ9BE5oJAjJKebOe%2FWMYbVSZ%2B1%2B5W9AU2arJHbYGs2yo5d9v08UYil3sFU2Oz6FPSVaGl8ZHaVqqIZeYKkTN%2Buzgj5BqujEGTjiVkNnBdAe4t6b8By7J6ldeGL%2FT%2FORYwW45Zw5QQq3lqtzsoVwGozH2iPUJnq1BjbKNL1kq%2B3CcPr87RSP0CrxQQRC2ZJclEC7UITUYE5t0sIUA37zE1Hiqvulopfgopc0xBkHENbOke3PhsgP8kznS%2FTku0pYMWeIB1VxebYKyZ%2FPa32hogfSq1yd7edDYGZaY5XROFQKCBKTMCZMYAtELS%2FNkMigxXw2Bq4IF7HCn%2FLmbITZcvqj9XXq1SfS%2F9oFr7gUF98Qg7q6D%2FrcSqzeOva22jYdc43nIsQ443PlGnrEdCgUnprJ6DZL68%2B97IyFF%2FK7QLUiOuFi7ZMKNeUpgFuH%2Bx21%2BMsRwwDjQChAoEa3wPZhY9Wc200aAKOgRLCY4hwVvbNrS%2B0U97cWuXzJk7ooJVDiaPAcK%2BXRIWMQXf9bOleSv9DaN5yM89fYpyzQXHKgEdDDLAaRH%2BMDbQ3mTZ5%2Bff5mHv5R17Y9V%2B5hUmQ3xYqTBC%2FxV6WlleBwX2KABdfB4%2FaV3xOnir9coRsdurxi6vG7Zy%2FVcltDZoxPFVSupnYV2Exz%2FphGzZ1Gap4AJFa%2F3EpKi7Y3jmtfPqldDL9Awa9UHHtyrSCzo4QAbpHvrII%2FLHvnoIfHdW6BN0QuByy1yzrgK%2F1scqIN8EQy%2BX6RfhkFUima0a0gV0U09wnW47sLXD6ViyCi1dc12g3mTU29e6i77zGVTCh52e%2FV0xks1pz96Bq4wxHGJzBaqwqzR9Jaxvfgb6zZteNkULgSOKs2UieEJEqPlgtrpLlCwoCPewMVgReLRrislpPldNiE4feBs%2B%2FbsZnZFLWgpPRUNLlLJl%2BqEiDNNgSEdy2MpQ96o6bVTqx958E8BFrsxgsJNqCFrUI1NBCDvSpqpWaJ0k9RDdQBDvyrL3al650lVl%2FUzkHaSBf%2BaYHmPxDnnB590KYgHFHp0EfYcygshRyqgwvYA9l%2BYD0BKvYullEN8xw%2FNtYwW0Ur%2Bpjg%3D&s2s=1
Title: This Video Will Soon Be Banned. Watch Before It's Deleted

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=ClkztUNpDgQJscXboaapuU31z6rQEdhPEOfCJ8gvedTlJJK8XWAGFvy0Z3cZSTaHZEb5kTpg5h2qsYIuK5XM%2BmxThiQTsyN6Ga%2Fdn3Esizd4E2Y2mgtjX0F3kSmzNSI0nuMCBFEPcpGfLChUtVi%2FdhnXqp8CLMCuRenXIMKlWyUl6aXZupvERsCsbCLBZ16bdPiVJmPni0BoCWTnnR2dO1W2tVr%2FkiFjBM%2B1fMBw9ItIf5TT89gsh3L1MjMp2QTLMwXWn9YP4gFS3hQzgwaTIS7vPTjqoEBxyDBhyZRAkKs7mxijRxl2yTw1gP59fLjLVxttTku5C7Cp0G%2FzLgvH2zznKJANJDfjGQqmsMBowLCBSrgnplye2kyDYH7Geln4Iw%2BqR6GfAycuciqWGyPb8yJUyp4qB4gAiKi%2Fy4RxQRx9h%2Bf0T%2BWW7Qv4kpnQh6axuqHtfO%2BPcTo1p8rK%2Blj2nnnXK1o2%2B7wlg7JXoN2XKHkQTRRX39j5D%2BDz%2FhurCb%2BzfAOThP2dgatiHe6tZ2xVNIjuh7BGqxI2YT5pJOZUpuHgEPqnxjAhW56j2Ra49eX6D5Nf7hYxiga5QpURrIsU2NvVhEzhVUov3Ia21pjn67iqxdjoOF3yoIN2vGwMv3Rd3K%2FC7MjWPF4fp38bUMAzQi5jMM%2FHOrOhfmrRe9vBAjRIBNegXXwKgnB8nFd1SKCTbDDVG2dYi9U07eiuUeFiARnbiU9yG5gQFkevbw2ozwehNsUZDP3PAWzQdc3D6PqJFJfJPtFO0DggXecmZW250HMlUk2Nit9HvFnv1Y3CGuzwHVShZmOQjqQ6MTxeuMbEshy3wASBjfj3OdTwQ%2B%2BNTQNare%2FZutKWfsEPFvelBBtra4Yanp6TYfLeO%2FugAnX967DMQoqkR8SsH3eLIX175aIx6tUsTIASAWD1MXQg7BgQUteCuHCt3m8KDkZ0orNDpbXeZqF%2BGvJcPNriQAbeeXsz1EJ%2F43zqCPN1NDklCxoxWRouRfeBQaKxzbpP7Ech6UBm7rvi6%2BXC4srF8P0uC%2BLwZE%2B2SLTK14LT4pI9gnnlxKukJdErFG7iP72LvXFnuMUKoQsUgtgTZlg2%2FqlarBwbnQllNdQ64D%2FlDl%2B9WLl7NNauXLCNp492YwWXJxFZCAtiJBnjjt8bmjOzRBaJD1ODHRs1S8ygAq3Lfy9ic8Y55zAVze2ZXHFebnk9sSV2gXtglwZOG59X9EyfZgSxY3qV3EQkg0NoB3jZoSFTpSDCyk%2FVloa%2FTB3PoDnaP0KjCYbZ4vjLhSMTtIv4rB8enixMx%2B9H7Ua186pWsj6O3uwlLP6scqKPnmDpzWPj%2BIqSOkQBlPgZnVuVro4gimRBz0l7XWUXA5Qlpxilz5cUW5FDN9Pw1rXMKLHNJEr7aExpDQ4JmhfTvtttuMIOL4rCbjZoMM9pRYct3bFDi6U0H%2FcMR3Abb0vmtkvSJNWZGwls&s2s=1
Title: 1 Tasse (täglich) Wird Ihr Bauchfett Wie Verrückt Schmelzen!

Search URL Search Domain Scan URL

URL: https://thephaser.com/

Search URL Search Domain Scan URL

URL: https://thelibertymill.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=6oS5VXx1TEFmMTlRUUtDUTBuYzFrVldQUHVMVEtaMFJqeUErdEtsNGRSVmt6b1lNQk5qd0N1eUdINHMrWml5K0I2SllNNllpSWFrVWwrVWZLTHJ5V3I0WWdsQjhLbVFVR2VLb0g0NWpnWkdrdEh4MXFMeFdtbkhxUE5xZ01VNWQwK3k2S0V1MkgyT1YyN3JFRS80ajlobHp0RlFENnFMcCtMbGNPaWEyWlN3dkJpUk5VMVcrRU1EbTRWOVpXeDBFN0E0NXhna3k2NUxLU00rZjUwZUdVU2VTdWVDbG1HM1BiVHlRM1RwTGRzZlZHS09GYmNQci9XeGZuMDNmRzU4elArSzB6fA&cppv=2

Request Chain 77

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=I-9Q93xXUTQvRFN3bk45a3FPZDJaYjNjUndwVzVSd0k5RDdKY0tWWGlubDRodWpSOTF1eTNJMVk4dTVpdmNoNytaSHBkdytuODhieFp1akw5T3dmUkxZb0ZYcXlEeVlsNGNvRXhjbTMvV2FEUTN4aTFFTkFNV1JGVGJ5V3Q2R3NEd0dRTXRGQ1NBbjVqSDNZMDY2NVNZQytVNXdFd3I2RXM3RWRncWEwMllqemY4SzQvR2toTG1MYVlWNEF1U2hxMkF0cW1WMitSTmYwV2J1YTZiVll5V3ZmZ3NYWCtVVERQY1dNNUY0aTZjN1lhMUJtNlI2dkdaNW9kQ2xqdGFkMkRxWnBUfA&cppv=2

Request Chain 81

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=lw8OD3w0VTlPZk9xSStUb3RuNEFIaHFRR3NIOEdaT1pwL3FWcktZTzI1bEZBZW1CQTJBQmNOeXQ2YkttZll3WmJpMDM0VjBlNlBlYlNMZFFCbytIcy9TQzh2Z2VWN2NqY21BRm85M0l4ZmVqajdNNUp0VVBNcFBtUmw1SVBNTmhhTEF5VE1XdlZCcHVkb3ZWWStCNWxrQVYxM3dUcEw0UU1jN2NjS3E0VEhueUh1Rk85b0FLbTdBdXl0TzVFY0orOC9PMzhVUDdYcDR2a0hqbC9mM1VMZTVRN1AxVDU3VWs4d1dJcTZlVEZwYjZ4QjFMMGcvZjUyOVFyaEptbEhpNzNDcFlvfA&cppv=2

Request Chain 177

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=9b7HD3xJZnZWMmNqbTlJcnFjY1hhd1VWMy91cHBWeUk3MUIyTVd5WUliTnQ3WU5LbEE1ZHU1MEZpSnk1eWhVTStuU3BkRWVYdW5ETE9oTHFHNTl1NXdWUk9mVXV4R1ZZWFBTK3BJZUxyamM2bmxIaFJQVHJrSFliRjFKRmNhcFExVk9zNmtrVzdXV211Z1d4aUZsQ3JYQUhja3NTSlpaeWJBa3NqLzlCQkJEclJqWGZEck8zZi9Jc0ZDRHNlYTJ0Z2J0UmsycHlLSHVYRUN6NDlrdDZpQkFvUU9taU01eDNFRFNWVHIzWTArVTNJdjZqUWFCK05SMWY2QXRRSmQwSmF3Sm85fA&cppv=2

Request Chain 179

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=GWz7hHxVbHdaa1U5TWRBcDNtUEZqYVM1NEFTL1hnS0pqM2VzRlpOd1RDN3U2TkhrNEwzNklEcmtXbmc1RlVOUGxJME93YzdLZXJXRFZHeUlCRldwbHlmbHZlNitJOHZmTzJ5VnFkWUV1YlBnVEdnRWRHQk5FRXIvRm94Vys1OGJrNlJQaGh6RzNwdklaOUZNckQxK2RwMmZmVkpyZVYvWmFFb0JhUk9BQW1UQmVKL1E3K3RjMVdHSWYwaGNhYkZ4NUt3VlZZb2EvTEQyRWJtd2VTeHVHU2NXcXNTMlR6QWxHVTkrLytqVGJBSjdqNDduUSsyZG85cnVRbU9CeWcxNWU4Vy90fA&cppv=2

Request Chain 181

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sXZqrXxoa2tLNXpXQm9NanNVRUFzYlgzWHFUUmorWGtUUW9MZTRhYUhSK0ZFTUFWVDdlS3QyZSs0VDZxWDUzek16dXNydEh4bWQxaHNvS0kwNWJrbjEwR1dyMU1qaFhRZTZ5WHlDcWN1RTBLNTRkbDRJdTBoNFpJVW5VdmppYk9uTlVJa2kvcVpteHFGNzArblVONHZBeCthMVN1U2xCOXZZckM5RlBtMVJlc25LWnRsUXBGUzVEaU1qam1QSmJhZXpOYjJ5TDgwQWltbVFPT2NjempEMjZvSElBWDRURitVL1B0SDNxL2JhOEFDTjZJUGxrYTEvOUNQR1FyYk1YVWlFNEx0fA&cppv=2

Request Chain 554

https://api-3-71-7-237.b2c.com/api/x?efx5dRmGVy5ghV9s$cGljYXNzbyQwJGMxYjJlMDAyIiwicGljYXNzby10aW1lJDAkMTUuNCIsInVybCQwJGh0dHBzOi8va2xvcGVyZC5jb20vci9wLmh0bWw_Zj1tZ2JsdmlnYmEmZT0xMDcwNTQ5MDc2ODUxIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL2tsb3BlcmQuY29tIGh0dHBzOi8vd3d3LnNndHJlcG9ydC5jb20iLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMSIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQwIiwid2luZG93JDAkMzAweDI1MCIsInBpeGVscmF0aW8kMCQxIiwiaW5uZXIkMCQzMDB4MjUwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDAkdHJ1ZSIsImRldmljZU1lbW9yeSQwJDgiLCJkb05vdFRyYWNrJDAkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQwJDQiLCJsYW5ndWFnZSQwJGVuLVVTIiwicGxhdGZvcm0kMCRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDAkR2Vja28iLCJwcm9kdWN0U3ViJDAkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMCRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMCRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsIm5hdmlnYXRvci1oYXNoJDQkMjRhMTEwNTIiLCJuYXZpZ2F0b3ItdGltZSQ0JDMuNCIsInNlbmRCZWFjb24kNCQxIiwiZm9udHJlbmRlciQ0JDEiLCJ0aW1lJDQkMTY0NTMxOTY2OTcyMyIsInRpbWV6b25lJDQkMCIsInBsdWdpbnMtdGltZSQ0JDAiLCJwbHVnaW5zJDQkYjZkMDU1NTgiLCJtZW0tdG90YWxKU0hlYXBTaXplJDUkOTcuNCIsIm1lbS11c2VkSlNIZWFwU2l6ZSQ1JDg2LjQiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDUkMzc2MCIsInRpbWUtcmVzcG9uc2VFbmQkNSQ0IiwidGltZS1kb21JbnRlcmFjdGl2ZSQ1JDQiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0JDUkNCIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDUkNCIsInRpbWUtZG9tQ29tcGxldGUkNSQ1IiwidGltZS1sb2FkRXZlbnRTdGFydCQ1JDUiLCJ0aW1lLWxvYWRFdmVudEVuZCQ1JDUiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkNSQwIiwibmF2aWdhdGlvbi10eXBlJDUkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMTIkMC4zIiwiZ2xvYmFscyQxMiRhZTYzYzAzMCIsImRvY3VtZW50LXRpbWUkMjMkMi45IiwiZG9jdW1lbnQkMjMkMDYwMTQ0MTciLCJjb25uZWN0aW9uJDI0JCIsImRvd25saW5rTWF4JDI0JCIsImdldFVzZXJNZWRpYSQyNCQyIiwiZm9udCQzNCQxMDAwMDAwIiwic3R5bGUtaGFzaCQzNiQ4ZGU5MjZiYSIsInN0eWxlLXRpbWUkMzYkMS43IiwiYXVkaW8tY29kZWMkMzYkMjIyMTIiLCJ2aWRlby1jb2RlYyQzNiQyMjIwMDAiLCJwYXJlbnQtdXJsLTEkMzYkaHR0cHM6Ly9rbG9wZXJkLmNvbS9yL3AuaHRtbD9mPW1nYmx2aWdiYSZlPTEwNzA1NDkwNzY4NTEiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkMzckZGVuaWVkIiwiY2xvY2skNDIkNDExNyIsInNvcnQkNTMkMTAuNSIsInN0YWNrJDUzJDEzOTgyIiwic3RhY2stZXJyb3IkNTMkUmFuZ2VFcnJvcjogTWF4aW11bSBjYWxsIHN0YWNrIHNpemUgZXhjZWVkZWQiLCJzdGFjay10aW1lJDUzJDAuOCIsIndlYmdsJDU4JDEiLCJ3ZWJnbDIkNTgkMSIsIndlYmdsLXZlbmRvciQ1OCRJbnRlbCBJbmMuIiwid2ViZ2wtcmVuZGVyZXIkNTgkSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lIiwid2ViZ2wtZXh0ZW5zaW9ucyQ1OCQ5ZGZkMjU1OSIsIndlYmdsLXRpbWUkNTgkNS4xIiwidXJsJDAkaHR0cHM6Ly9rbG9wZXJkLmNvbS9yL3AuaHRtbD9mPW1nYmx2aWdiYSZlPTEwNzA1NDkwNzY4NTEiLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJGh0dHBzOi8va2xvcGVyZC5jb20gaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQzMDB4MjUwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDMwMHgyNTAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJDEiLCJzZXNzaW9uU3RvcmFnZSQwJDEiLCJhcHBDb2RlTmFtZSQwJE1vemlsbGEiLCJhcHBOYW1lJDAkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDAkNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMCR0cnVlIiwiZG9Ob3RUcmFjayQwJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMCQ0IiwibGFuZ3VhZ2UkMCRlbi1VUyIsInBsYXRmb3JtJDAkTGludXggeDg2XzY0IiwicHJvZHVjdCQwJEdlY2tvIiwicHJvZHVjdFN1YiQwJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQwJDEiLCJ1c2VyQWdlbnQkMCRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMCRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQwJCIsImZvbnRyZW5kZXIkMSQxIiwid2ViZ2wkNiQxIiwid2ViZ2wyJDYkMSIsIndlYmdsLXZlbmRvciQ2JEludGVsIEluYy4iLCJ3ZWJnbC1yZW5kZXJlciQ2JEludGVsIElyaXMgT3BlbkdMIEVuZ2luZSIsIndlYmdsLWV4dGVuc2lvbnMkNiQ5ZGZkMjU1OSIsInRpbWUkNiQxNjQ1MzE5NjY5ODE3IiwidGltZXpvbmUkNiQwIiwicGx1Z2lucy10aW1lJDYkMC4xIiwicGx1Z2lucyQ2JGI2ZDA1NTU4IiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQ2JDk3LjQiLCJtZW0tdXNlZEpTSGVhcFNpemUkNiQ4Ni40IiwibWVtLWpzSGVhcFNpemVMaW1pdCQ2JDM3NjAiLCJ0aW1lLXJlc3BvbnNlRW5kJDYkNCIsInRpbWUtZG9tSW50ZXJhY3RpdmUkNiQ0IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ2JDQiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQ2JDQiLCJ0aW1lLWRvbUNvbXBsZXRlJDYkNSIsInRpbWUtbG9hZEV2ZW50U3RhcnQkNiQ1IiwidGltZS1sb2FkRXZlbnRFbmQkNiQ1IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDYkMCIsIm5hdmlnYXRpb24tdHlwZSQ2JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDEzJDAuNSIsImdsb2JhbHMkMTQkYWU2M2MwMzAiLCJkb2N1bWVudC10aW1lJDIzJDIiLCJkb2N1bWVudCQyNCQwNjAxNDQxNyIsImNvbm5lY3Rpb24kMjQkIiwiZG93bmxpbmtNYXgkMjQkIiwiZ2V0VXNlck1lZGlhJDI0JDIiLCJjbG9jayQyOCQ2MTMwIiwicGFyZW50LXVybC0xJDI4JGh0dHBzOi8va2xvcGVyZC5jb20vci9wLmh0bWw_Zj1tZ2JsdmlnYmEmZT0xMDcwNTQ5MDc2ODUxIiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDI4JGRlbmllZCIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kMTU3JHByb21wdCIsImJhdHRlcnkkMTU3JDEgMSAwIEluZmluaXR5IiwiYmF0dGVyeSQ2NCQxIDEgMCBJbmZpbml0eSIsImF1ZGlvY29udGV4dCQxNTgkZjdlNzEyZDkiLCJhdWRpb2NvbnRleHQtdGltZSQxNTgkMTIwLjIiLCJmcmFtZXJhdGUkMTU4JDIwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDE2MSQweC0wLjI1IDMwMHgxOTkiLCJpbnRlcnNlY3Rpb24kMTYxJDgwIiwiaW50ZXJzZWN0aW9uLWVudGVyJDY4JDB4LTAuMjUgMzAweDE5OSIsImludGVyc2VjdGlvbiQ2OCQ4MCIsImZyYW1lcmF0ZSQxNjkkMjAiLCJhdWRpb2NvbnRleHQkMTkzJGY3ZTcxMmQ5Iiwic29ydCQyMTAkMTIuNyIsInBlcm1pc3Npb24tY2FtZXJhJDMwOSRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkMzA5JHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDMwOSRwcm9tcHQiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDIxNiRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQyMTYkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDIxNiRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQyMTYkcHJvbXB0IiwiYWRibG9jayQzMTUkMCIsImFkYmxvY2skMjIyJDAiLCJmaW5nZXJwcmludGpzJDI0NSQ5Njc1ZGFiYzcxZmU4NzljZTc5NWFhNDhmZThkZGMyZCIsImZpbmdlcnByaW50anMtdGltZSQyNDUkMzgxLjkiLCJmcC1jb2xsZWN0JDM2MCRhMDQwMmU0YQ~~ HTTP 302
https://v4-api-3-71-7-237.b2c.com:444/api/4?efx5dRmGVy5ghV9s

Request Chain 557

https://api-3-122-254-151.b2c.com/api/x?AAppOZbRMfvsNzrG$cGljYXNzbyQwJGMxYjJlMDAyIiwicGljYXNzby10aW1lJDAkMTEuMyIsInVybCQwJGh0dHBzOi8va2xvcGVyZC5jb20vci9wLmh0bWw_Zj1kb3F6bG1qZmgmZT0xMDcwNTQ5MDc2ODUxIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCRodHRwczovL2tsb3BlcmQuY29tIGh0dHBzOi8vd3d3LnNndHJlcG9ydC5jb20iLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMSIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQwIiwid2luZG93JDAkMzAweDI1MCIsInBpeGVscmF0aW8kMCQxIiwiaW5uZXIkMCQzMDB4MjUwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMSQxIiwic2Vzc2lvblN0b3JhZ2UkMSQxIiwiYXBwQ29kZU5hbWUkMSRNb3ppbGxhIiwiYXBwTmFtZSQxJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQxJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDEkdHJ1ZSIsImRldmljZU1lbW9yeSQxJDgiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDQiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsIm5hdmlnYXRvci1oYXNoJDUkMjRhMTEwNTIiLCJuYXZpZ2F0b3ItdGltZSQ1JDMuOCIsInNlbmRCZWFjb24kNSQxIiwiZm9udHJlbmRlciQ1JDEiLCJ0aW1lJDUkMTY0NTMxOTY2OTc4NyIsInRpbWV6b25lJDUkMCIsInBsdWdpbnMtdGltZSQ1JDAuMSIsInBsdWdpbnMkNiRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkNiQ5Ny40IiwibWVtLXVzZWRKU0hlYXBTaXplJDYkODYuNCIsIm1lbS1qc0hlYXBTaXplTGltaXQkNiQzNzYwIiwidGltZS1yZXNwb25zZUVuZCQ2JDQiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDYkNCIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkNiQ0IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkNiQ0IiwidGltZS1kb21Db21wbGV0ZSQ2JDQiLCJ0aW1lLWxvYWRFdmVudFN0YXJ0JDYkNCIsInRpbWUtbG9hZEV2ZW50RW5kJDYkNCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQ2JDAiLCJuYXZpZ2F0aW9uLXR5cGUkNiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQxNCQwLjMiLCJnbG9iYWxzJDE0JGFlNjNjMDMwIiwiZG9jdW1lbnQtdGltZSQyMSQyIiwiZG9jdW1lbnQkMjEkMDYwMTQ0MTciLCJjb25uZWN0aW9uJDIxJCIsImRvd25saW5rTWF4JDIxJCIsImdldFVzZXJNZWRpYSQyMSQyIiwiZm9udCQyMiQxMDAwMDAwIiwic3R5bGUtaGFzaCQyMyQ4ZGU5MjZiYSIsInN0eWxlLXRpbWUkMjMkMS40IiwiYXVkaW8tY29kZWMkMjMkMjIyMTIiLCJ2aWRlby1jb2RlYyQyNCQyMjIwMDAiLCJwYXJlbnQtdXJsLTEkMjQkaHR0cHM6Ly9rbG9wZXJkLmNvbS9yL3AuaHRtbD9mPWRvcXpsbWpmaCZlPTEwNzA1NDkwNzY4NTEiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkMjQkZGVuaWVkIiwidXJsJDAkaHR0cHM6Ly9rbG9wZXJkLmNvbS9yL3AuaHRtbD9mPWRvcXpsbWpmaCZlPTEwNzA1NDkwNzY4NTEiLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJGh0dHBzOi8va2xvcGVyZC5jb20gaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbSIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQxIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDAiLCJ3aW5kb3ckMCQzMDB4MjUwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDMwMHgyNTAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJDEiLCJzZXNzaW9uU3RvcmFnZSQwJDEiLCJhcHBDb2RlTmFtZSQwJE1vemlsbGEiLCJhcHBOYW1lJDAkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDAkNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMCR0cnVlIiwiZG9Ob3RUcmFjayQwJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMCQ0IiwibGFuZ3VhZ2UkMCRlbi1VUyIsInBsYXRmb3JtJDAkTGludXggeDg2XzY0IiwicHJvZHVjdCQwJEdlY2tvIiwicHJvZHVjdFN1YiQwJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQwJDEiLCJ1c2VyQWdlbnQkMCRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMCRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQwJCIsImZvbnRyZW5kZXIkMSQxIiwid2ViZ2wkNyQxIiwid2ViZ2wyJDckMSIsIndlYmdsLXZlbmRvciQ3JEludGVsIEluYy4iLCJ3ZWJnbC1yZW5kZXJlciQ3JEludGVsIElyaXMgT3BlbkdMIEVuZ2luZSIsIndlYmdsLWV4dGVuc2lvbnMkNyQ5ZGZkMjU1OSIsInRpbWUkNyQxNjQ1MzE5NjY5ODQ5IiwidGltZXpvbmUkNyQwIiwicGx1Z2lucy10aW1lJDckMCIsInBsdWdpbnMkNyRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkNyQ5Ny40IiwibWVtLXVzZWRKU0hlYXBTaXplJDckODYuNCIsIm1lbS1qc0hlYXBTaXplTGltaXQkNyQzNzYwIiwidGltZS1yZXNwb25zZUVuZCQ3JDQiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDckNCIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkNyQ0IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkNyQ0IiwidGltZS1kb21Db21wbGV0ZSQ3JDQiLCJ0aW1lLWxvYWRFdmVudFN0YXJ0JDckNCIsInRpbWUtbG9hZEV2ZW50RW5kJDckNCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQ3JDAiLCJuYXZpZ2F0aW9uLXR5cGUkNyRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQxNyQwLjQiLCJnbG9iYWxzJDE4JGFlNjNjMDMwIiwiZG9jdW1lbnQtdGltZSQyNiQxLjkiLCJkb2N1bWVudCQyNiQwNjAxNDQxNyIsImNvbm5lY3Rpb24kMjYkIiwiZG93bmxpbmtNYXgkMjYkIiwiZ2V0VXNlck1lZGlhJDI2JDIiLCJjbG9jayQzMCQ1Njc3IiwicGFyZW50LXVybC0xJDMwJGh0dHBzOi8va2xvcGVyZC5jb20vci9wLmh0bWw_Zj1kb3F6bG1qZmgmZT0xMDcwNTQ5MDc2ODUxIiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDMxJGRlbmllZCIsImJhdHRlcnkkMTc1JDEgMSAwIEluZmluaXR5IiwiYmF0dGVyeSQxMTUkMSAxIDAgSW5maW5pdHkiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDE3NSRwcm9tcHQiLCJhdWRpb2NvbnRleHQkMTkyJGY3ZTcxMmQ5IiwiaW50ZXJzZWN0aW9uJDE5MyQwIiwiaW50ZXJzZWN0aW9uJDI1MyQwIiwic29ydCQyODckMTQuMyIsInBlcm1pc3Npb24tY2FtZXJhJDM3OSRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkMzc5JHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDM3OSRwcm9tcHQiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDMxOSRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQzMTkkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDMxOSRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQzMTkkcHJvbXB0IiwiZmluZ2VycHJpbnRqcyQzMjkkOTY3NWRhYmM3MWZlODc5Y2U3OTVhYTQ4ZmU4ZGRjMmQiLCJmaW5nZXJwcmludGpzLXRpbWUkMzI5JDQ2OS4yIiwiYWRibG9jayQzMjkkMCIsImFkYmxvY2skMzg5JDAiLCJmcC1jb2xsZWN0JDMzMiRhMDQwMmU0YQ~~ HTTP 302
https://v4-api-3-122-254-151.b2c.com:444/api/4?AAppOZbRMfvsNzrG

Request Chain 617

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=lcX_13w5WWN3TVJsUko1RHdjVktGQTE1NVRhUGFTbURlcE9DaG9iZm9QVmkzN1FONkJXS1JQL2ZQQ2RJNEhGNzVtc0plT09FMFdNNnVLRVBEYm9oSUhzUmZxc1lpaVRZZGN3czViT0xuMktHbnZuczd0M3hoSnFuZVI4UTNuNU1panVSaHYwQUZZZXF5WWFGc3NaYng5ME9NQmY3YVptRmtINGZlWW5lZndIVUplVnpVa0pvTTVnQUhBNkk1cXBjWDd1eFBZVGR1OTRwMW95Y0ZLZTlOdDUrWklkYktoc1RjVGFKcnZJU0c4ejlOdW9jQkYxcFRqcC9xekVaTnJLOGlnZWtMMGlZRytYaUVROUREeVUvUVUxbkhsQXkyclZXKyt3QXZtOU1MaVNMdHpFaz18&cppv=2

Request Chain 647

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uxUXaXwxRlVPQys3Q0JnbHlKQWZsUHU2ZVIvd0hpU1VpWko0aDVDbDNSR3RDTFlZSkRzcEt5Z3dvbTluZmFtMnRHSHpXTWUxOTFaQld4UXU3dUxiaXF5Ky9sMG5VV3cxbmJKejVCZURwVDdHem5uS3lJd3lVNkplSWxlTjF3T1YvamxWaTluRlJocFM5OFFzeDFSR1RLa3RUWXpGTTVseGp6NitPbWtoSTVQdGIrU2VsM2tRTnBCRk1ISGwxNkF0YlgrRDRZYTBzQlpJVFZuMWxlT013UG5tbkRqT0ZKdU1IOHF1NWFXSkFSY2Jub2hjVm96eC9KTDBzSWUrNkFNQWdOR0FkZ3YvbmdudjZocVhuSHl5Q0FpNUhQMTExMy9IN3FmWCtCREFCTHNGMW52bz18&cppv=2

Request Chain 650

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Xi4hjnxEZUVKNlJPNmFoU0R0MmthVk5valF3dWJRcVlha2sxMDArUVZSNmlOZTlMUVJMd0V0RWcxRjNUYkVxNzEzMEwxVkZXbG1SZUthaG5Ua3g1d2Q1dUdNMURFOWNzSGNISUF3eDN6KzErdFgwM3BscVZoK3RDWTlic2N5K0VmaHAyRHBaV2tlWGIva05aRElJWFlKUFovQ3FlSXlreUdWUkE4cGtPeElJcDl5ays2TXh0Rm9XM2hSeWExODlzMU96VVVUMGVNZkg3L3RiYUpyVUhKdDJkRGRCdzZpeGZ1dzJYUDBDQlcvZ2RTMFhSZFU4cFNnT1B0NExtcnpXa2FFdUJnMER0b1lRaG9RMHFFcndFb2ZhOTdraHdqaDYxZFFiTHVjRlFCMDV1VUlzVT18&cppv=2

Request Chain 652

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tRXXG3xkZUFKWnMxdVY3SUZkWVpjT3RSaCsvU0ozYk5LMUY2S1ZMRzJGaUV4M3RCZWF3TW5Xd2kyUlJWSERSOUxjdi92N1FULzF3U21jV3RPRVJiM2RJWitNM3FMTWc2enlLcHZ5YXFncHlXV215RjlFcDhBbElqQ1QyVUtmeE9NR2hJZ2IwcStUb2wzRnZUV29KVVBTN0dFckVhWHRtcFNCL1hBYU9WRERZSXpWOFpVUWpYdWx2aC9OenFmQTluNnRCbFViZkNkNThuUmRVVEpBeFBUdGJiSkNYb3BPendRZ2NJb0RpVkZmTjZZYUxscVVrOXNJY04yQVlPSmxncXV3aTVjKzJwVUV1S25FMnJkdUZvQVUvRXlFVks5U2NySlZZTFcrYlRSSGJVelVpdz18&cppv=2

Request Chain 657

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=5uyHDnxOemFHcVZZdnJXVEx2anVmM2xicmVjN3F2NTdUZHlQcVgxWU85Q3dwYkljVUlUQWUzeVpwVzM4Y1RqcVBIUUwyM0tBbERRU0ZRbEwwNkNPbGJ0amJveDNXM3l3K3NWazVBZDdiVDUwM2JVL0FXN2ZiaS9ML0JZNjZZQ0NNQlVQakpreUFPQ1dyTG8yeEVaOGo1U01zOUowTCt4RzZIQmxIbGFDZFo4WjRMZUk2TG1DcjM5dks5anVqVDhGSVl4WkJNMjFMc1U4aDhhQVVGcm0ydEswSVEyNlB2cEpDRHV6QXRNTW1TZzVZV0ZmN3g5N3JOMUdNQ2lIK1Q3RG9vYmlQT3AzejlkZ0Fnc1paYXpEdE1LWWhmc21GanpyNEtteUVqMHBEMWJjeVRlcz18&cppv=2

Request Chain 658

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Y-Az53w4dzdjV2k0MmM2TVZMSzMwODJuZy80VllaZEQwaFYxamdZMGl0VklSMFl3ZUlCUG5WbldZSmpDNVBuTHVXL1JkWUk1N2VHeEZPNGxrMzV3UDRBKzlUdkUvZWZhZk9YQmZPcUROamRSWVN0SWgzY3ZRRmZVeWc0OHZCam1JKzg4Q21HdmU0enBMMUgrMjVUMkJyczNPNFhWWVQ1REM5TzhLelZXUDBVaTlWeVBWWmFSVVdYek5hNEc4Y0RGQy9xd0RLb3dDdDVqVHh0elltdUdXVE9neXRBamdEcTBpRUtUNWVMQk85MjkzYWt0MWRKRVorWkh0WkplemRQM2RhYW1XQWcvNFg4RzJhd0VkdFpjL3RQeERhTXZlK3M1RG9mZDNRQkVSVy9FV04yVT18&cppv=2

Request Chain 659

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=gLcr-3xFWWRibEZHNW5PVEdqUU9qOEF5RUl1bGlPaUJ1RU1qS3lWVk9nWHkvWFo2bWNJVVY4NFRaNGhwTGs4cU1FTDltcmJMTUZnY2NkTU5ENU82MXEzTUtYd0VUemJtMjlzb2laZGRGa1h0VkVVYXpzWWxEdVpacXRzVkowSlNZaGliSW43TThLWm8zYVVRWCt2a0tjUnZoYjNXTFpGV3ZoQmk1OFM4WWdZQ3R3aUFvSE9WbXYzTjdBdnBEWWpvdkpTY21GUy8xMmdzYWIyZmVPdDVJQW1aL0kwOW4rL1NmdzFuYmZQeWNwaGowZXQ1Z0w5WmpVNDFZOGJuek54dEIrTzhnUjF1RWpoV1pBOHRGdVlKajdsdFAxNUoyVmovMTJuL0l1enFFaDNabzVnYz18&cppv=2

Request Chain 662

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dJPmfXxWQ1I5V0hiTENZeDFBWHZBaDhIY2RxRzI0dUR5WUxnOGdDdzc0TmRoZFJWeDBQUVF2ZHdjL2kvcGpVUzdtZHJVdHp0T0JhNFh5N1lWZ045REx1bWg0SmhUYjRGeEtjWFg5ZHhJMEc3NElhbTZrM3YrdGJTbk80NWp1THNTUGtGUjU5czc0NnZkNE5hbkhrREVvQkliSDBydHZxR0VVMDJ2RytrWm1neG5MdjR1L1A5WWtlcWV5eFFTTWhXOEt0Rk5oU0NHVWFtOHpwVGVCaWgzZ0JmRmhLY3U1ekVYSlMrM0JMMWxKN3hkL3pCTFpyZGdndE1RQ2VxVjhRODZEeStScXV1TGxZcUsyeTJpRXVFa3VIQ1BmY2N0bXg0NytQSHFYZ0V3b3ozR3FLRT18&cppv=2

Request Chain 664

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=WIxJtXwyaHgvd1ZXTzVCSkJBWC96QVdHRWNPMS9EVkFBb1kyTmprdWhNakhyZlNmRUl3WHhSc0ZyYmF6V2tBWUZvNTJESG9mc0ZkS1liTzRJZVY0Z2lVOHNJdjZ4bkhTNHJjNHUxNjBTdFNhamNiSlJ6L1dJY0YxaFg5RDU4K0k3Z3FjSXRQbXhPbDhyMkthTVlOU3g3NVRLei9vOGw3UWpkcjZBVkZZNFJyQlpuL1EyMlR2NFZnZnJzb25Nc2tQaHNNcG1jeEw4T1pJV1Y2MHVPc2tBNVVmcmJBSVFaMVN0RnY5a2ZhYStwOHRtWkpFdWtaY1lpdWN1NWtBOVdoOUtyM01ndFZ0U0lWbHZtZys2YjQ1Zi9LSDlSTzd1ZHRjTVdBNU0vcU1aS09lZXNYWT18&cppv=2

Request Chain 665

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XN0F73x0SUpZQy91Q0I0L013QmVNNko1ZER1K2ZXdFYyTVVxVEk0SUFRdm83NjVCcTJkUnQrVThmSnhIMno3eXp3RlMzeFVBNmtCdU5WQ3NNWGpRa3BnNEY3aVUzOHpaMXl5UDFuNVZUTWdTZDlKV21rVUFxTEpmakh4S3Zta2ZTNEdjRHByTzVyeGUzbktuMFNvYTJ1V3MxeERGVEpnZ0RrYXcxTVRXVVBRaXlvdjViK1h4L0l6NjBKSUpDdHo3bnZMUnd3enBqbSs1aGpSS1ptT3FDc3JzSk5GMzFkSWhIakNKOHhBNlNqRW1TdzIyb2lReFFQRWhyNVgzUkJZTDVSNUVBcWZPQVB2R05CTDFKWWZ1WUQrSm4vdXZlOGFkT292Sm5GWmUyL3pnVUpZQT18&cppv=2

Request Chain 673

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=2&topUrl=www.sgtreport.com&bundle=JDd7hV9oTG5iRHRqb255V1MlMkZQWlFsSCUyRnduOEc2bmhqU2V3Z2R2aHBFZXA3WVdsRGNWbnN5c1VwSkdDRHl0VzFKaUlmOXhCRVZZUEJtJTJCMEhROUt3d2dkMXVjdEhUNDl4JTJCYlVRaUNvNFo3STdJYTk5amR2OGF0eTVvWnU0JTJGcnZUJTJCMzZiYjNCRUlXejYlMkJsZFVuUDZrYlhmUUtMQSUzRCUzRA&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=SX1M0XwrV3d3Rkx3U2lRNzRYNkwyOXprSXhSREFyTlZ5dEVFVHJTTDR3L2UwSEd2UkwyUVova1JkWGpVaWxyNk03M2FuZ2dudFVQSWp6QTJ6WmhYZ2pyYXh0QU00VUIyU2xScGRNYWdjL2U1NFpVSlFGYUIvOE1rYU5RZmxHVTkrVWJMbXJxQmJFTi91YUM2c1VnRkdZZDdkWlZkZGRid1Y0YS91Q2tQSmxFUDlZMnA3TCtJYk5pbzFqaHZJSjRZQnRmb3o5cXQyNEo1RXJJUVJ4MloyeWpnQzZ2Y2plclY4ejNQSXBLREdES09FTVpiVm15SFpwQkV2Q2ZReHNGTzM2bGtYNXRNbjlhTWhCREF0R2lZQUQ4ZklzN1JaNGs1V2FkL0lucU1YZHVydGV3MD18&cppv=2

Request Chain 675

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=2&topUrl=www.sgtreport.com&bundle=JDd7hV9oTG5iRHRqb255V1MlMkZQWlFsSCUyRnduOEc2bmhqU2V3Z2R2aHBFZXA3WVdsRGNWbnN5c1VwSkdDRHl0VzFKaUlmOXhCRVZZUEJtJTJCMEhROUt3d2dkMXVjdEhUNDl4JTJCYlVRaUNvNFo3STdJYTk5amR2OGF0eTVvWnU0JTJGcnZUJTJCMzZiYjNCRUlXejYlMkJsZFVuUDZrYlhmUUtMQSUzRCUzRA&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=nY-XLnw2RHFwbndMclVOelRkWmxwN3kxNzdTZm5wekNjNUxKeEJqMHVNSTRJMnJBTVVzRWJPcWZMU1dZV1Q2Z0hnN1RzOTU3RWVycGREK2gvVEFvRXF0a0ZOTWJsUG92amp4cXlwVlZuVytsWS8vVkdVRC9qRXp1Z1NTemxSa0d2OW5EcEd6S3FsaFdUcFI1d3Q3UGR5ZjdZb1FIMHhSbU11L3pmekZUTGZwMER3b09IdFpzaWx0cFpkd01zRzM0eDhzdDhYem53bFlxY1FOMG5sbU5yUzIzQ2prT2tPYWZIUElsdVRnMWErWUh6WTVpdnVBUXJqZ1Ayaktpdk9DbUZRVE5IemdQamhPTlY5WnE3QlVSZWRud1Y5T0ZxVzdYTFdNVzErNmVVZUZBWW9vVT18&cppv=2

Request Chain 730

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=950cad3b-643f-45ed-be88-8b8e36ea727e&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa

Request Chain 731

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5IjVGDl2bZT.AikABlF_FLHSbQ

Request Chain 732

https://sync.bumlam.com/?src=bw1&uid=8c728ad2-e5ac-5133-b33b-bae1d12a2f15 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj4q8aQBlIFvp7KygpiJDhjNzI4YWQyLWU1YWMtNTEzMy1iMzNiLWJhZTFkMTJhMmYxNQ** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj4q8aQBlIFvp7KygpiJDhjNzI4YWQyLWU1YWMtNTEzMy1iMzNiLWJhZTFkMTJhMmYxNaIBEHW-LRaR6hHshuAAJZDAZHw* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABj4q8aQBmIkOGM3MjhhZDItZTVhYy01MTMzLWIzM2ItYmFlMWQxMmEyZjE1ogEQdb4tFpHqEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARj4q8aQBmIkOGM3MjhhZDItZTVhYy01MTMzLWIzM2ItYmFlMWQxMmEyZjE1ogEQdb4tFpHqEeyG4AAlkMBkfA** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=75be2d16-91ea-11ec-86e0-002590c0647c

Request Chain 778

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZUKULEW-1K-O94&sigv=1&esig=2~97039b3163b4f95948616220add377b2367aa30d

Request Chain 780

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=11d16211-95f8-4700-a2dd-ec029de0bc7f

Request Chain 781

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjVlMWNiODk2YzUxOTA5ZTZjNmM1MTIxYzJmOWI3OTAyNDAwZWIwYw

Request Chain 782

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFEE9Zr92N2LWf2UycbsSWE&google_cver=1

Request Chain 783

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pVS1VMRVctMUstTzk0

Request Chain 784

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/k0Sdw--nyBL9a8FTJqyebQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=234659237585140471

Request Chain 785

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZUKULEW-1K-O94

Request Chain 792

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://px.adhigh.net/p/cm/bsw?u=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa&bidswitch_ssp_id=between HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=5IjVGDl2bZT.AikABlF_FLHSbQ&expires=30&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa

Request Chain 798

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=75be2d16-91ea-11ec-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=75be2d16-91ea-11ec-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=3XENc0JLm8QSzWOO5KbfkA& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=3XENc0JLm8QSzWOO5KbfkA&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=3XENc0JLm8QSzWOO5KbfkA&extra2=aidata&google_gid=CAESEC5oxru9BfJ_J2h2R5ighTA&google_cver=1

Request Chain 808

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 827

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/671996 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/671996

Request Chain 832

https://x.bidswitch.net/sync?dsp_id=429&user_id=8c728ad2-e5ac-5133-b33b-bae1d12a2f15&expires=60 HTTP 302
https://cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa

Request Chain 834

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8c728ad2-e5ac-5133-b33b-bae1d12a2f15 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/8c728ad2-e5ac-5133-b33b-bae1d12a2f15 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/8c728ad2-e5ac-5133-b33b-bae1d12a2f15?redir-setuniq=1

829 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/ 140 KB
37 KB 391ms
122ms Document
text/html 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 7ec4ea7227f6d342794724b0653ea10d95bc9ada152ea17f7bb384115c98c50f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,User-Agent
Cache-Control: max-age=3, must-revalidate max-age=600
Content-Encoding: gzip
Content-Length: 37591
Last-Modified: Sun, 20 Feb 2022 01:14:04 GMT
Expires: Sun, 20 Feb 2022 01:24:26 GMT
Keep-Alive: timeout=2, max=150
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.min.css
www.sgtreport.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 221ms
123ms Stylesheet
text/css 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Dec 2021 19:32:54 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 10523
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK magnific-popup.min.css
www.sgtreport.com/wp-content/plugins/youtube-channel/assets/lib/magnific-popup/ 3 KB
1 KB 704ms
483ms Stylesheet
text/css 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/plugins/youtube-channel/assets/lib/magnific-popup/magnific-popup.min.css?ver=3.0.12.1
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 4b69d4d881a25112a646c64a9393cd9b0fa7542450be9fe3c3c767621ee2aac0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Mar 2021 15:06:14 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=148
Content-Length: 939
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK youtube-channel.css
www.sgtreport.com/wp-content/plugins/youtube-channel/assets/css/ 2 KB
1 KB 358ms
129ms Stylesheet
text/css 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/plugins/youtube-channel/assets/css/youtube-channel.css?ver=3.0.12.1
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 7724660684cf13ca7761b57a4b33a2dd88a7f70fe64cd3b1c4574069ab3aeec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Mar 2021 15:06:14 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 732
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK wpp.css
www.sgtreport.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
941 B 358ms
121ms Stylesheet
text/css 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.5.1
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Jan 2022 16:44:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 570
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK style.css
www.sgtreport.com/wp-content/plugins/td-multi-purpose/ 82 KB
10 KB 365ms
126ms Stylesheet
text/css 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/plugins/td-multi-purpose/style.css?ver=5.8.3
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: b90c7348339625f0fd1cbf7dee8a8ba9ad9bacde44c4e4a36cada2e5aaf677c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Mar 2018 18:29:09 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 9896
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 52 KB
2 KB 43ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=News+Cycle%3A400%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C200%2C200italic%2C300%2C500%2C500italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%2C200%2C200italic%2C300italic%2C700italic%2C800%2C800italic%2C900italic&ver=8.7.2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

887a1c8810cb27fcdeabcdd8ff62ff6ead01a9417efa3fc6303b7335ad726684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 01:14:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 20 Feb 2022 01:14:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Feb 2022 01:14:26 GMT

GET
H/1.1 200
OK style.css
www.sgtreport.com/wp-content/themes/Newspaper/ 1 MB
117 KB 391ms
150ms Stylesheet
text/css 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/themes/Newspaper/style.css?ver=8.7.2
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 930fbba31d879eda5d12387c6b71161141dd7bc4cb00be5cef84661df672e3f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Feb 2018 17:11:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK demo_style.css
www.sgtreport.com/wp-content/themes/Newspaper/includes/demos/blog_coffee/ 6 KB
2 KB 365ms
123ms Stylesheet
text/css 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/themes/Newspaper/includes/demos/blog_coffee/demo_style.css?ver=8.7.2
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: b13433c98ad2529a4d896cb06068a9deaeadff451fc7e911bc7f6cdc1a3613af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Feb 2018 17:11:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=150
Content-Length: 1175
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.sgtreport.com/wp-includes/js/jquery/ 87 KB
31 KB 482ms
124ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Dec 2021 19:32:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 30908
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.sgtreport.com/wp-includes/js/jquery/ 11 KB
4 KB 477ms
118ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Dec 2021 19:32:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 4169
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK wpp.min.js Show response
www.sgtreport.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 488ms
122ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Jan 2022 16:44:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 1377
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
27 KB 60ms
33ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

723f2e6d2e63263fa6501a3049be9775cd3b60753488b28f058d670d1ff51a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27553
x-xss-protection: 0
server: sffe
etag: "1137 / 425 of 1000 / last-modified: 1645225613"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 20 Feb 2022 01:14:26 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.sgtreport.com/wp-includes/js/ 18 KB
5 KB 124ms
121ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Dec 2021 19:32:53 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 4930
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK logo.png
www.sgtreport.com/wp-content/uploads/2018/02/ 14 KB
14 KB 132ms
115ms Image
image/png 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2018/02/logo.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 34fb284b7781db4c2b4082a25f24ed661df57882b125974e0f617dca6c5ead77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Mon, 26 Feb 2018 21:53:56 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=147
Content-Length: 14435
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK mast_new2.jpg
www.sgtreport.com/wp-content/uploads/2018/03/ 172 KB
172 KB 140ms
120ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2018/03/mast_new2.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: a9ea5cba1ae443941551362461f960ab8e40b4f1efee364f6d3140a2a7463946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Thu, 15 Mar 2018 00:29:16 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=147
Content-Length: 176007
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK Silver-Eagles-Monster-box-Sweepstakes-1200x125-1.png
www.sgtreport.com/wp-content/uploads/2021/11/ 105 KB
105 KB 143ms
120ms Image
image/png 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2021/11/Silver-Eagles-Monster-box-Sweepstakes-1200x125-1.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: d1fed1a57148369d611cc9232ea9c61c5a06a998c3f438c4e6009cf0fbba6a95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Tue, 30 Nov 2021 17:30:48 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=148
Content-Length: 107370
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H2 200 John-Durham.jpg
www.naturalnews.com/wp-content/uploads/sites/91/2019/10/ 232 KB
232 KB 757ms
685ms Image
image/jpeg 2606:4700::6810:8746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.naturalnews.com/wp-content/uploads/sites/91/2019/10/John-Durham.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:8746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c0290d34b03471afa22fbc0479922c683b7bf407a08bf959da491e33737b386a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
cf-cache-status: MISS
last-modified: Thu, 10 Feb 2022 08:07:29 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "5263c73f551ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 6e03e0ce0ecb5a2b-MXP
content-length: 237152
expires: Sun, 20 Feb 2022 01:15:27 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 167ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE5) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Age: 737
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CE5)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK zoltan-warns-fed-must-crash-markets-right-now-0_DAOnFXNbw-218x150.jpg
www.sgtreport.com/wp-content/uploads/2022/02/ 9 KB
10 KB 119ms
118ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2022/02/zoltan-warns-fed-must-crash-markets-right-now-0_DAOnFXNbw-218x150.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: a96a4b7d17df7dda63bd2d17a77887cebe8c2948126ed3bb2f10a1e10277066f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Sat, 19 Feb 2022 04:49:48 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=146
Content-Length: 9635
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK trudeau-accuses-conservatives-of-standing-with-swastika-then-refuses-to-apologize-SOvoZXgs3xU-218x150.jpg
www.sgtreport.com/wp-content/uploads/2022/02/ 10 KB
10 KB 123ms
122ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2022/02/trudeau-accuses-conservatives-of-standing-with-swastika-then-refuses-to-apologize-SOvoZXgs3xU-218x150.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 00db966a5af0d4f846f4b1cfee7d98d0adebefab46318f61f1bfe5e982416783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Thu, 17 Feb 2022 10:23:16 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=146
Content-Length: 9789
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 190 KB
62 KB 59ms
15ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66858a18f40bc94d285007156809f27a286d2d3c001f1050d62eff2185968709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:26 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 19:36:32 GMT
server: AmazonS3
x-amz-request-id: WD4F9942PWS750RZ
etag: "cb93a8da23412b736f7906242544502c"
x-hw: 1645319666.cds001.fr8.hn,1645319666.cds146.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63369
x-amz-id-2: fMZsD6h5N7Y+keU0BTaqwmcxJyerKnHBadWaY7UOccFgfSVIwyvAtEhE03RnnXJjTsYm4CvwhwI=

GET
H2 200 sgtreport.com.372839.js Show response
jsc.mgid.com/s/g/ 2 KB
1 KB 207ms
179ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/s/g/sgtreport.com.372839.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c7acccc327eddde8188b1302a44e4c30e7e1aad4f0d6ecf6e2b70e3dc75c26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:26 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Z25V5449WQNJDENG
last-modified: Fri, 04 Feb 2022 12:03:18 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 2WHK5d+HDGlGVrj5k91SrK//pgOh92ZkKideEstTxZQke9uBLGFBntHBeGt/ocKz0JhJ29jdkqE=
cf-bgj: minify
server: cloudflare
etag: W/"a94585d30de935216170a81f623971bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6e03e0cdbdbd92b7-FRA
expires: Sun, 20 Feb 2022 04:14:26 GMT

GET
H/1.1 200
OK s_gold.gif
www.kitconet.com/images/live/ 3 KB
4 KB 875ms
121ms Image
image/gif 72.142.122.58
ROGERS-COMMUNICAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kitconet.com/images/live/s_gold.gif
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 72.142.122.58 Ottawa, Canada, ASN812 (ROGERS-COMMUNICATIONS, CA),
Reverse DNS: unallocated-static.rogers.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 8217760c35984f22fb76585e9e333422f76d240b13468ea1be525a3ae773117b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Last-Modified: Sat, 19 Feb 2022 04:59:13 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "d6b39704d25d81:0"
Content-Length: 3426
Content-Type: image/gif

GET
H/1.1 200
OK s_silv.gif
www.kitconet.com/images/live/ 3 KB
4 KB 895ms
132ms Image
image/gif 72.142.122.58
ROGERS-COMMUNICAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kitconet.com/images/live/s_silv.gif
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 72.142.122.58 Ottawa, Canada, ASN812 (ROGERS-COMMUNICATIONS, CA),
Reverse DNS: unallocated-static.rogers.com
Software: Microsoft-IIS/8.5 /
Resource Hash: af89e267a01f003967255daf1f5a1d5fdfdf3fb930470e1b4815e221404e1542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Last-Modified: Sat, 19 Feb 2022 04:59:13 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "49255d704d25d81:0"
Content-Length: 3362
Content-Type: image/gif

GET
H2 200 bootloader.js Show response
static.newsmaxfeednetwork.com/web-clients/bootloaders/xKdmbX45rqIH8bHCkG3Fae/ 1 KB
2 KB 317ms
101ms Script
text/javascript 54.165.164.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/xKdmbX45rqIH8bHCkG3Fae/bootloader.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.164.249 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-164-249.compute-1.amazonaws.com
Software: / Express
Resource Hash: 43b260a9be964981c17ba44610a39faa6c4cc47fa1dbd66a28bd3c4adae97374

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
cache-control: public, max-age=300
x-powered-by: Express
etag: W/"58e-7JiqFXuofUA2XKaUPJPmIHKYOW8"
content-length: 1422
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK logo_inverse-300x67.png
www.sgtreport.com/wp-content/uploads/2018/02/ 12 KB
12 KB 131ms
131ms Image
image/png 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2018/02/logo_inverse-300x67.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: b9f979f8b70bfa772e77f5cfe93602ff0de2aac381f8cdc2941e2f1609e4660c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Tue, 27 Feb 2018 19:45:45 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=146
Content-Length: 11851
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
www.sgtreport.com/wp-content/plugins/youtube-channel/assets/lib/magnific-popup/ 13 KB
5 KB 124ms
124ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/plugins/youtube-channel/assets/lib/magnific-popup/jquery.magnific-popup.min.js?ver=3.0.12.1
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 6b7e98cf5f866a86d87e062837ae5da65507c067fcc91b2837694a516ab49e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Mar 2021 15:06:14 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=147
Content-Length: 4790
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
www.sgtreport.com/wp-content/themes/Newspaper/js/ 203 KB
49 KB 135ms
135ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.7.2
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 566ee6e2492e7fcfa4d4ab6075d32a3e6326ce1ddda600b5a8b5f94e0a400009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Feb 2018 17:11:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=149
Content-Length: 49278
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
www.sgtreport.com/wp-includes/js/ 3 KB
2 KB 121ms
120ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:10:16 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=148
Content-Length: 1346
Expires: Tue, 22 Mar 2022 01:14:26 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.sgtreport.com/wp-includes/js/ 1 KB
1 KB 118ms
116ms Script
application/javascript 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Apr 2021 02:10:17 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=148
Content-Length: 765
Expires: Tue, 22 Mar 2022 01:14:26 GMT

POST
H/1.1 201
Created popular-posts Show response
www.sgtreport.com/wp-json/wordpress-popular-posts/v1/ 55 B
923 B 207ms
207ms XHR
application/json 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sgtreport.com/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.5.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.sgtreport.com

Software

Apache /

Resource Hash

2e799ee1f2f9d560736372c67b1a4c84ca1f8ea8249041182e781abfc2adce47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 20 Feb 2022 01:14:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding,Cookie,Origin,User-Agent
Content-Length: 75
Keep-Alive: timeout=2, max=148
Link: <https://www.sgtreport.com/wp-json/>; rel="https://api.w.org/"
Server: Apache
X-WP-Nonce: ab4134e39a
Allow: GET, POST
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.sgtreport.com
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Expires: Tue, 22 Feb 2022 01:14:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4174
date: Sun, 20 Feb 2022 00:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 20 Feb 2022 02:04:52 GMT

GET
H2 200 189060c5-96ef-492a-9651-a40ecc84dec7 Show response
www.brighteon.com/embed/ Frame 580A 12 KB
3 KB 250ms
190ms Document
text/html 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 931f4a8813177213437222e40764c496035212c31f61381c8c4c63d34f29a254

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Next.js
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e03e0cdfc56374a-MXP
content-encoding: gzip

GET
H/1.1 200
OK Bull_Pattern_SM_Gray.jpg
www.sgtreport.com/wp-content/uploads/2018/03/ 2 KB
2 KB 129ms
120ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2018/03/Bull_Pattern_SM_Gray.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 486b9e60d87048c7a296b8da51240473865128081e3d698cb96aaa03467b2559

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Tue, 13 Mar 2018 15:01:10 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=148
Content-Length: 2069
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK newspaper.woff
www.sgtreport.com/wp-content/themes/Newspaper/images/icons/ 19 KB
13 KB 190ms
127ms Font
font/woff 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sgtreport.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/wp-content/themes/Newspaper/style.css?ver=8.7.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: b420750157155826f2ef022f425579bca244f39d0a91ece03c5b3cbae5e52334

Request headers

Referer: https://www.sgtreport.com/wp-content/themes/Newspaper/style.css?ver=8.7.2
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Feb 2018 17:11:22 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: font/woff
Cache-Control: max-age=172800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=146
Content-Length: 12819
Expires: Tue, 22 Feb 2022 01:14:27 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 56ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=News+Cycle%3A400%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C200%2C200italic%2C300%2C500%2C500italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%2C200%2C200italic%2C300italic%2C700italic%2C800%2C800italic%2C900italic&ver=8.7.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 349192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 00:14:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 40ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 330068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 05:33:18 GMT

GET
H2 200 CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2
fonts.gstatic.com/s/newscycle/v20/ 13 KB
13 KB 52ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/newscycle/v20/CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fabd4eac35ba43560122627965b38a38a7ce54d9132995f87f346c733e04465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 22:00:03 GMT
x-content-type-options: nosniff
age: 443663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 20:07:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 22:00:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 44ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 368077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:59:49 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 47 KB
47 KB 55ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:03:59 GMT
x-content-type-options: nosniff
age: 396627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 11:03:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 24ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 363991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 20:07:55 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 20:39:33 GMT
x-content-type-options: nosniff
age: 275693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 20:39:33 GMT

GET
H2 200 152421d1-6b51-4c35-80d3-c6758e7f8d76 Show response
www.brighteon.com/embed/ Frame 4CB0 14 KB
4 KB 226ms
226ms Document
text/html 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 3aa937023561df0f65b239e330e5d8df10ae385f463b9ff142c201ad456b2bc1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Next.js
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e03e0ce4c8a374a-MXP
content-encoding: gzip

GET
H2 200 ajs.js Show response
cdn2.customads.co/_js/ 5 KB
3 KB 101ms
19ms Script
application/javascript 2600:9000:225a:f600:18:9413:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.customads.co/_js/ajs.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:f600:18:9413:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 03:38:58 GMT
via: 1.1 google, 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 23:43:08 GMT
age: 77729
etag: W/"14de-17f0f37c99a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-encoding: gzip
x-amz-cf-id: tldbA21yrxKr952Mhf3h-6aPsq_RMaGzCmr_X0zad74LUzSzVvozeQ==

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 8F47 46 KB
17 KB 319ms
292ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00ecdcfff547392fb20cd855901b74bb802be9622cb298730d94e22eb4eeae9c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-fb-rlafr: 0
document-policy: force-load-at-top
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: SBN7G1YC3lRzrjDW65iZZJP4Oz1M8n1gAzLJnvgeQInheUA6gKqwr5J0kbBPHmjJWxJnr6lZOSUzLNtIV9x/2w==
date: Sun, 20 Feb 2022 01:14:27 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 zerg.js Show response
www.zergnet.com/ 7 KB
3 KB 330ms
105ms Script
application/javascript 52.22.187.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/zerg.js?id=64538
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.187.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-187-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: aa8409101023675fae13b8d05b4732ee33506b96c08b6813e31b1ce8703655bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
expires: Sun, 27 Feb 2022 01:14:27 GMT
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H3 200 pubads_impl_2022021602.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
121 KB 22ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 20:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124238
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 02:36:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Feb 2023 20:35:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 169 B
143 B 30ms
15ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sgtreport.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3eccfa9bba8a97eba67d764e11c6e85ed1804ce9412129178e06aeee57b87558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118
x-xss-protection: 0
expires: Sun, 20 Feb 2022 01:14:26 GMT

GET
H/1.1 200
OK z-stack.png
www.sgtreport.com/wp-content/uploads/2021/11/ 111 KB
111 KB 125ms
120ms Image
image/png 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2021/11/z-stack.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: a6120ea6f21c39cc7ff9e6695e169403a888bd0baa0542ce005bd3682a2ace95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Fri, 19 Nov 2021 21:47:36 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=145
Content-Length: 113297
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK subscribestar2-300x78.jpg
www.sgtreport.com/wp-content/uploads/2020/11/ 8 KB
9 KB 153ms
122ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2020/11/subscribestar2-300x78.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: b59580d2c063af9575bf5cf04ec1fd8356a7fd7d496502a273b234ac56cda1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Fri, 20 Nov 2020 00:10:31 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=147
Content-Length: 8604
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK SGT_Pod_3Million.png
www.sgtreport.com/wp-content/uploads/2021/09/ 111 KB
112 KB 121ms
114ms Image
image/png 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2021/09/SGT_Pod_3Million.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: e49a1fe195bafdcc12314311af0a01b2b1e27fc974ebac7103c211554ae0ca4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Fri, 03 Sep 2021 13:28:43 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=147
Content-Length: 114033
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK deplatform5.jpg
www.sgtreport.com/wp-content/uploads/2021/05/ 404 KB
404 KB 139ms
137ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2021/05/deplatform5.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 4641a0b17c898a4e06c8b2174cd6b29533883f13190b2c8e22a9520a7fc3ed02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Wed, 12 May 2021 12:32:11 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=144
Content-Length: 413290
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK 300x600-FS1KMG.jpg
www.sgtreport.com/wp-content/uploads/2019/05/ 41 KB
41 KB 142ms
142ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2019/05/300x600-FS1KMG.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 4ceb80da67293697244c88889b475d2871f8fccdffc2a0cc4c48c2c8710df878

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Sun, 12 May 2019 16:10:29 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=145
Content-Length: 42169
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK SGT-Report300x250-300x250.jpg
www.sgtreport.com/wp-content/uploads/2018/09/ 27 KB
27 KB 146ms
145ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2018/09/SGT-Report300x250-300x250.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: cd854c7a5cc71ac815b0e2769453993ec573c66369a5ca0daa199c834ecd529e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Wed, 12 Sep 2018 22:51:29 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=145
Content-Length: 27618
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK sgt-ad-3.jpg
www.sgtreport.com/wp-content/uploads/2020/09/ 126 KB
126 KB 148ms
148ms Image
image/jpeg 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2020/09/sgt-ad-3.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: b6ad4c8233b3e77de3a69602c5768be48ab679691e699cdb7f2dbe04f00c40c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Thu, 03 Sep 2020 20:59:54 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=146
Content-Length: 128776
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK 225-x-400-SGT-RGB-lg.png
www.sgtreport.com/wp-content/uploads/2021/12/ 249 KB
249 KB 166ms
165ms Image
image/png 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2021/12/225-x-400-SGT-RGB-lg.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 4969e0e92bac024f3580ab342d54559d8a1f5358cdbd62a6ba9d369be9320795

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Thu, 02 Dec 2021 21:16:54 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=147
Content-Length: 254677
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK SHTFplan.com_.gif
www.sgtreport.com/wp-content/uploads/2018/02/ 10 KB
10 KB 162ms
161ms Image
image/gif 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2018/02/SHTFplan.com_.gif
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 0cb38e0f3fefc6c76c15f859e260e42d2051c9c6546410ff8d8f57b793b8b42e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Tue, 27 Feb 2018 19:35:33 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=145
Content-Length: 9923
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H/1.1 200
OK Phaser_Side_Banner_02.png
www.sgtreport.com/wp-content/uploads/2018/02/ 31 KB
31 KB 152ms
152ms Image
image/png 209.59.154.37
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sgtreport.com/wp-content/uploads/2018/02/Phaser_Side_Banner_02.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.59.154.37 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.sgtreport.com
Software: Apache /
Resource Hash: 7abd14c439fd5919802db92caecce1aaeaeefca6a247ec83a2065dd23b3559b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Last-Modified: Tue, 27 Feb 2018 19:33:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=144
Content-Length: 31610
Expires: Tue, 22 Mar 2022 01:14:27 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 165 KB
53 KB 58ms
18ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:19:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1416-29219-5c85dc6abdd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=97172
accept-ranges: bytes
content-type: text/javascript
content-length: 54050
expires: Mon, 21 Feb 2022 04:13:59 GMT

GET
H2 200 sgtreport.com.372834.js Show response
jsc.mgid.com/s/g/ 2 KB
1 KB 197ms
197ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/s/g/sgtreport.com.372834.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6669243c5eca0c1b6f5d311415448c6a915434f93a4e3eb18abc7e27876cea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: K7R2KQBFDJND6MH2
last-modified: Mon, 14 Feb 2022 04:32:37 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: a991EKJM7e1RGiqCDXYfBGJWQ60gnii0gDlJxOC2PCom3M+eZFyqGz5c56nSMG4A32rRBtCz8sA=
cf-bgj: minify
server: cloudflare
etag: W/"dbefbcebf82093be69d24c85dbe92f96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6e03e0ceaf2592b7-FRA
expires: Sun, 20 Feb 2022 04:14:27 GMT

GET
H2 200 / Show response
www.bitchute.com/embed/wfeJmkVoLbFg/ Frame ACCF 2 KB
2 KB 973ms
926ms Document
text/html 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/wfeJmkVoLbFg/

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2461d4c603694783cd7fc7e05054986cd34cbf034752f73dcf1b045a9f1cd8ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-type: text/html; charset=utf-8
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agE044mxwc1lEXKqGm0XDRyfoHGe9dMF2xMc%2B611eeniESQRI81SM827eUnhL7bjEpm4jYgq23ofFg1L%2Bi3EvMTMpwTVOyBfVe0wjEfYHm1ecuYA0x5WgSJViVz5HznyADULE4RXKx5hfV7ZibI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e03e0cefc3b3752-MXP
content-encoding: br

GET
H2 200 / Show response
www.bitchute.com/embed/9XKVqMYUAydU/ Frame CCB7 2 KB
1 KB 990ms
944ms Document
text/html 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/9XKVqMYUAydU/

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48bfe77cae2201fc0f8ff69acaf72e6aa5b49d8fe563c1c5e8162b9c36305a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-type: text/html; charset=utf-8
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZqWIsscreIlsGlTGn9r%2FAY0jSBOgdd0ECeNBQSacClS8c13QMZTHj66vV6%2B%2Bv7cLA4DHyZh3hH7XYDV4lU5nQVwwbq%2B5B1BWr07soBIdUt1aqLm6GB2QjSsoG3%2B%2BHeJAQ8iSIfNlNm9CUeFmrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e03e0cefc3e3752-MXP
content-encoding: br

GET
H2 200 / Show response
www.bitchute.com/embed/7KtixRT9tVfw/ Frame ED0B 2 KB
1 KB 972ms
928ms Document
text/html 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/7KtixRT9tVfw/

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

665b34c904346580dba60514040ae85cfd3e6ba1438e403092ace2c55364bfac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-type: text/html; charset=utf-8
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPNzEVL0wwUVM0Ss3txj8bOkUuc3PhPQqzwK9iog44YQLs5JU26wfWs%2FFes%2BCruPr2Fh8w2kA8gschgpOfWpFOuIIpGkDXw4tk15z1zwaWpR%2FaUDKQ2HEKaO9AKQ0zGj8gHAVdhJDVzx%2F5n1vFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e03e0cefc3f3752-MXP
content-encoding: br

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 26ms
11ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 20 Feb 2022 01:43:54 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 419F 319 KB
104 KB 40ms
39ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.sgtreport.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 264891
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Feb 2022 01:14:27 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 sgtreport.com.372839.es6.js Show response
jsc.mgid.com/s/g/ 241 KB
71 KB 52ms
41ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/s/g/sgtreport.com.372839.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372839.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90549dfdaf9611ef8a2b6b8ca913bf99e64116c43fe18f719e7440f802bed218

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 5879
last-modified: Fri, 04 Feb 2022 12:03:18 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GFG0262A0EXB8GRR
x-amz-id-2: Hs7LWavWUwXNtowbk1tfJUIdPax6aJkCpyHUxbyeI3sruwpWOcMKIRKODYyjCROS0RIjTewl+jo=
cf-bgj: minify
server: cloudflare
etag: W/"3a8f882f6bdb932e0c31012345c50486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6e03e0cf7aa05b98-FRA
expires: Sun, 20 Feb 2022 04:14:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 54ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sgtreport.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 53ms
21ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sgtreport.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 52ms
52ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=787064574318816&correlator=2991854412238573&output=ldjh&impl=fif&eid=31064988&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=21673142571%2C10__sgtreport.com__default__300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&dt=1645319667131&lmt=1645319644&dlt=1645319666022&idt=1088&frm=20&biw=1600&bih=1200&oid=2&adxs=1103&adys=5525&adks=2983699389&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&vis=1&scr_x=0&scr_y=0&psz=225x250&msz=300x-1&ga_vid=498148452.1645319667&ga_sid=1645319667&ga_hid=2001753584&ga_fc=true&fws=4&ohw=225&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

81da8bc9eee57e76526bda924969b791cacd7cc90454f7f34eede67e5e9dbe67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8895
x-xss-protection: 0
google-lineitem-id: 5679025428
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363715813
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4089fb33ed450f4103c8fdbb7c135bf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1243 6 KB
4 KB 95ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4089fb33ed450f4103c8fdbb7c135bf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Feb 2022 01:14:27 GMT
expires: Mon, 20 Feb 2023 01:14:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 8773791841012071 Show response
customads.co/lad/ Frame E053 1 KB
2 KB 167ms
130ms Document
text/html 35.190.30.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://customads.co/lad/8773791841012071?pubid=ld-7837-487&pubo=https%3A%2F%2Fwww.sgtreport.com&rid=&width=789
Requested by: Host: cdn2.customads.co
URL: https://cdn2.customads.co/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.30.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.30.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-type: text/html; charset=utf-8
content-length: 1376
date: Sun, 20 Feb 2022 01:14:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 69ms
20ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1456
date: Sun, 20 Feb 2022 01:14:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=6oS5VXx1TEFmMTlRUUtDUTBuYzFrVldQUHVMVEtaMFJqeUErdEtsNGRSVmt6b1lNQk5qd0N1eUdINHMrWml5K0I2SllNNllpSWFrVWwrVWZLTHJ5V3I0WWdsQjhLbVFVR2VLb0g0NWpnWkdrdEh4MXFMeFdtbkhxUE5xZ0...

350 B
617 B

125ms
47ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6oS5VXx1TEFmMTlRUUtDUTBuYzFrVldQUHVMVEtaMFJqeUErdEtsNGRSVmt6b1lNQk5qd0N1eUdINHMrWml5K0I2SllNNllpSWFrVWwrVWZLTHJ5V3I0WWdsQjhLbVFVR2VLb0g0NWpnWkdrdEh4MXFMeFdtbkhxUE5xZ01VNWQwK3k2S0V1MkgyT1YyN3JFRS80ajlobHp0RlFENnFMcCtMbGNPaWEyWlN3dkJpUk5VMVcrRU1EbTRWOVpXeDBFN0E0NXhna3k2NUxLU00rZjUwZUdVU2VTdWVDbG1HM1BiVHlRM1RwTGRzZlZHS09GYmNQci9XeGZuMDNmRzU4elArSzB6fA&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3b97602fc2e8fab40bd4ccba0d95efed5d650e4bab455b98b6631970031dbbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2349
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
location: https://mug.criteo.com/sid?cpp=6oS5VXx1TEFmMTlRUUtDUTBuYzFrVldQUHVMVEtaMFJqeUErdEtsNGRSVmt6b1lNQk5qd0N1eUdINHMrWml5K0I2SllNNllpSWFrVWwrVWZLTHJ5V3I0WWdsQjhLbVFVR2VLb0g0NWpnWkdrdEh4MXFMeFdtbkhxUE5xZ01VNWQwK3k2S0V1MkgyT1YyN3JFRS80ajlobHp0RlFENnFMcCtMbGNPaWEyWlN3dkJpUk5VMVcrRU1EbTRWOVpXeDBFN0E0NXhna3k2NUxLU00rZjUwZUdVU2VTdWVDbG1HM1BiVHlRM1RwTGRzZlZHS09GYmNQci9XeGZuMDNmRzU4elArSzB6fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1630
content-length: 509
expires: 0

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
267 B 138ms
49ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=184949

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 136ms
47ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 54ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1763
date: Sun, 20 Feb 2022 01:14:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=I-9Q93xXUTQvRFN3bk45a3FPZDJaYjNjUndwVzVSd0k5RDdKY0tWWGlubDRodWpSOTF1eTNJMVk4dTVpdmNoNytaSHBkdytuODhieFp1akw5T3dmUkxZb0ZYcXlEeVlsNGNvRXhjbTMvV2FEUTN4aTFFTkFNV1JGVGJ5V3...

352 B
616 B

127ms
48ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=I-9Q93xXUTQvRFN3bk45a3FPZDJaYjNjUndwVzVSd0k5RDdKY0tWWGlubDRodWpSOTF1eTNJMVk4dTVpdmNoNytaSHBkdytuODhieFp1akw5T3dmUkxZb0ZYcXlEeVlsNGNvRXhjbTMvV2FEUTN4aTFFTkFNV1JGVGJ5V3Q2R3NEd0dRTXRGQ1NBbjVqSDNZMDY2NVNZQytVNXdFd3I2RXM3RWRncWEwMllqemY4SzQvR2toTG1MYVlWNEF1U2hxMkF0cW1WMitSTmYwV2J1YTZiVll5V3ZmZ3NYWCtVVERQY1dNNUY0aTZjN1lhMUJtNlI2dkdaNW9kQ2xqdGFkMkRxWnBUfA&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3555f2a64d8a6b1f4d9c4f821a31020b69b3f75a55546643f417cc40973a918f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5872
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
location: https://mug.criteo.com/sid?cpp=I-9Q93xXUTQvRFN3bk45a3FPZDJaYjNjUndwVzVSd0k5RDdKY0tWWGlubDRodWpSOTF1eTNJMVk4dTVpdmNoNytaSHBkdytuODhieFp1akw5T3dmUkxZb0ZYcXlEeVlsNGNvRXhjbTMvV2FEUTN4aTFFTkFNV1JGVGJ5V3Q2R3NEd0dRTXRGQ1NBbjVqSDNZMDY2NVNZQytVNXdFd3I2RXM3RWRncWEwMllqemY4SzQvR2toTG1MYVlWNEF1U2hxMkF0cW1WMitSTmYwV2J1YTZiVll5V3ZmZ3NYWCtVVERQY1dNNUY0aTZjN1lhMUJtNlI2dkdaNW9kQ2xqdGFkMkRxWnBUfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3364
content-length: 509
expires: 0

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
267 B 126ms
50ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=184950

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 124ms
47ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 3208
date: Sun, 20 Feb 2022 01:14:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=lw8OD3w0VTlPZk9xSStUb3RuNEFIaHFRR3NIOEdaT1pwL3FWcktZTzI1bEZBZW1CQTJBQmNOeXQ2YkttZll3WmJpMDM0VjBlNlBlYlNMZFFCbytIcy9TQzh2Z2VWN2NqY21BRm85M0l4ZmVqajdNNUp0VVBNcFBtUmw1SV...

366 B
624 B

125ms
45ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lw8OD3w0VTlPZk9xSStUb3RuNEFIaHFRR3NIOEdaT1pwL3FWcktZTzI1bEZBZW1CQTJBQmNOeXQ2YkttZll3WmJpMDM0VjBlNlBlYlNMZFFCbytIcy9TQzh2Z2VWN2NqY21BRm85M0l4ZmVqajdNNUp0VVBNcFBtUmw1SVBNTmhhTEF5VE1XdlZCcHVkb3ZWWStCNWxrQVYxM3dUcEw0UU1jN2NjS3E0VEhueUh1Rk85b0FLbTdBdXl0TzVFY0orOC9PMzhVUDdYcDR2a0hqbC9mM1VMZTVRN1AxVDU3VWs4d1dJcTZlVEZwYjZ4QjFMMGcvZjUyOVFyaEptbEhpNzNDcFlvfA&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

508c99d8a2ae5cdd1fcc0eb801db1a6bf0fc74ed45afcc4c41b83ccbab05414d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2433
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
location: https://mug.criteo.com/sid?cpp=lw8OD3w0VTlPZk9xSStUb3RuNEFIaHFRR3NIOEdaT1pwL3FWcktZTzI1bEZBZW1CQTJBQmNOeXQ2YkttZll3WmJpMDM0VjBlNlBlYlNMZFFCbytIcy9TQzh2Z2VWN2NqY21BRm85M0l4ZmVqajdNNUp0VVBNcFBtUmw1SVBNTmhhTEF5VE1XdlZCcHVkb3ZWWStCNWxrQVYxM3dUcEw0UU1jN2NjS3E0VEhueUh1Rk85b0FLbTdBdXl0TzVFY0orOC9PMzhVUDdYcDR2a0hqbC9mM1VMZTVRN1AxVDU3VWs4d1dJcTZlVEZwYjZ4QjFMMGcvZjUyOVFyaEptbEhpNzNDcFlvfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2066
content-length: 509
expires: 0

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 580A 86 KB
30 KB 89ms
33ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15851"
vary: Accept-Encoding
x-hw: 1645319667.dop005.ml1.t,1645319667.cds224.ml1.hn,1645319667.cds019.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 ac70fec7.e49a4bcb.chunk.css
www.brighteon.com/_next/static/css/ Frame 580A 279 KB
41 KB 38ms
36ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/ac70fec7.e49a4bcb.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17e3e8a4f0c89f19ebb33507b914795f9552f48675cf8ff47ffe189acbc8206

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"45c15-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e36374a-MXP

GET
H2 200 5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.90493a32.chunk.css
www.brighteon.com/_next/static/css/ Frame 580A 24 KB
5 KB 43ms
38ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.90493a32.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b21fd316eb51808b1c69007b561f221c69326645de4602ab47910c3a3a9ffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"6134-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e38374a-MXP

GET
H2 200 styles.acfb08e3.chunk.css
www.brighteon.com/_next/static/css/ Frame 580A 105 KB
16 KB 43ms
39ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/styles.acfb08e3.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0d168b94a8319d5ed646253def036e4d7c9e3e9d7b763aa40a99404db715d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"1a267-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e39374a-MXP

GET
H2 200 9e9c79d6d232b032827ca67255567389a62eecfc_CSS.bae6db6c.chunk.css
www.brighteon.com/_next/static/css/ Frame 580A 57 KB
13 KB 64ms
60ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/9e9c79d6d232b032827ca67255567389a62eecfc_CSS.bae6db6c.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ec8e7e20fb292cd502fb44092748f0071f378427e522f0e53144f140d62903

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"e3f1-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e3a374a-MXP

GET
H2 200 _app.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/ Frame 580A 77 KB
18 KB 150ms
145ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/_app.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ca59d830534fae59adb49eaf177ef88043998381e55079d5bcd9ee1e935f28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"1325f-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e3b374a-MXP

GET
H2 200 %5Bid%5D.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/embed/ Frame 580A 14 KB
5 KB 151ms
146ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/embed/%5Bid%5D.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0308193c927df3ebc7203ef913ef64ad285ddd7cc0883320a023facf7bf4df9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"37f1-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e3c374a-MXP

GET
H2 200 webpack-83bd83ab777f80a6c75c.js Show response
www.brighteon.com/_next/static/runtime/ Frame 580A 1 KB
824 B 153ms
148ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/runtime/webpack-83bd83ab777f80a6c75c.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f9cfdc969fcfa0ba6f76de8cc24f3872b1c039b3bb284612242954d7d50f26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"5fb-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e3d374a-MXP

GET
H2 200 framework.36b6a3d04cd6912f17c7.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 126 KB
41 KB 149ms
144ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/framework.36b6a3d04cd6912f17c7.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49468e194f1bbf67036d4379e428619e592bf6ded18ff17cb5fe423e91dabe5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"1f966-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e3e374a-MXP

GET
H2 200 c78d26b1.dc78a7cdff412651ee16.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 70 KB
25 KB 324ms
319ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/c78d26b1.dc78a7cdff412651ee16.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb911be31d77d8e291d544e896cb937f37188212f42f0d2c0d22ebd9c098303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"117b4-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e3f374a-MXP

GET
H2 200 e971612a.372aa1fd207d6a61f8fb.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 58 KB
19 KB 158ms
154ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/e971612a.372aa1fd207d6a61f8fb.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834f8bbe14ef3ba46b460a53b69b49b8c787808b8eac72312fb060940a76b1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"e710-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d02e41374a-MXP

GET
H2 200 ac70fec7.5b365d0616318c727fbb.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 62 B
126 B 332ms
328ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/ac70fec7.5b365d0616318c727fbb.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e538ecf20266125f832923a584a2a959f6ccb7a45958935fe62db14753799f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"3e-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e61374a-MXP

GET
H2 200 cc3e3cd0c287601c8e79039d8c98e7404418ff56.eaf9f27804f7baa24bed.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 6 KB
2 KB 162ms
158ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/cc3e3cd0c287601c8e79039d8c98e7404418ff56.eaf9f27804f7baa24bed.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6dcc6072189207134891ac28b07080289216f14d95f3b82141401a7a94eba84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"18de-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e63374a-MXP

GET
H2 200 5fef077c279e28f9ea146fff8cad39c8fb20a758.8a64f400dd6c7086e148.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 24 KB
9 KB 173ms
168ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/5fef077c279e28f9ea146fff8cad39c8fb20a758.8a64f400dd6c7086e148.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c28a2e512cbd84cc8bf6264a77ff38ce59c0964876e71e00c82124e367d03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"5e4f-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e64374a-MXP

GET
H2 200 ca928cf6b0acad97cb25cd239ed50bd4b7829108.4be2461f20de5d6b0845.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 341 KB
80 KB 160ms
156ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/ca928cf6b0acad97cb25cd239ed50bd4b7829108.4be2461f20de5d6b0845.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b1c7c573797b5216fd472808ff7be94a01a720143b01b22c702966c09e8a925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"55269-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e65374a-MXP

GET
H2 200 cbba2530994d4cbe69116171353966f0a5c30944.37d2290aa7395e56ae47.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 20 KB
7 KB 162ms
158ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/cbba2530994d4cbe69116171353966f0a5c30944.37d2290aa7395e56ae47.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4483b5c07abde8246a41eec51ee0b3f9b97eb1fe1c90f985939b373a5a4cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"503c-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e67374a-MXP

GET
H2 200 89bde0b78484d8bb601b94f8556a2d401b7a3f6a.a801f67ab9d8fb1b52ce.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 83 KB
16 KB 277ms
274ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/89bde0b78484d8bb601b94f8556a2d401b7a3f6a.a801f67ab9d8fb1b52ce.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aae70129991aa071284777e8bd60464304f703ba69427984f8093720b253e65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"14d8d-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e69374a-MXP

GET
H2 200 68a1817c9f807a48399400048ef9c109f89de2e3.828fd5fec8a4d07ffb64.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 116 KB
38 KB 278ms
274ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/68a1817c9f807a48399400048ef9c109f89de2e3.828fd5fec8a4d07ffb64.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a118de874144310325ff23f13195e5c064d59628b63667b3bce152ba338232

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"1cfe4-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e6a374a-MXP

GET
H2 200 8d2b4485921728d17064a14c071a4e1bd89d001a.97663de7f0cb5749fbbe.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 54 KB
15 KB 185ms
182ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/8d2b4485921728d17064a14c071a4e1bd89d001a.97663de7f0cb5749fbbe.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0695dc05fc1251444c66cd42590ac99a996a9ad2c20dc3124f97e345e3c91ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"d931-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e6c374a-MXP

GET
H2 200 bc3efbd84888ae4835009894dd945f2db859a4cc.8b0e3b418de854016220.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 24 KB
8 KB 225ms
222ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/bc3efbd84888ae4835009894dd945f2db859a4cc.8b0e3b418de854016220.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c1e8eb9fca06245ec5e8b484959c806baed43e99684852f7f49f5c12c82b24c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"6047-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e6e374a-MXP

GET
H2 200 6abf8ae9708afacca804b9d81f511314745dfa33.eb3dd5023363522320b7.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 10 KB
3 KB 289ms
286ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/6abf8ae9708afacca804b9d81f511314745dfa33.eb3dd5023363522320b7.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ac5a278088cf100f06a1b2e0f5b930b0b1066b37766b0c5edf54663b971ae9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2660-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e6f374a-MXP

GET
H2 200 5404bfd4ec5035cbeea32f60f2cd63db175d7280.df372e10d23d0f6c4413.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 42 KB
12 KB 269ms
266ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/5404bfd4ec5035cbeea32f60f2cd63db175d7280.df372e10d23d0f6c4413.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932e9a0030a21226f1fdf3a30c2555954981a03e1b79ad7931067b59618d809d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"a69d-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e70374a-MXP

GET
H2 200 5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.03c745168c9d799f7ffc.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 62 B
126 B 276ms
274ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.03c745168c9d799f7ffc.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46617a911a33e19a65d77579de3380778907bd842374c5c86a7feb67f737dd7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"3e-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e71374a-MXP

GET
H2 200 styles.dea5c25f601dfbadb4f2.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 1 KB
406 B 179ms
176ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/styles.dea5c25f601dfbadb4f2.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14602de7ec18e2662be60f82fbdbc9561a4df72457aa3b690985be1f22987475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"4a5-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e72374a-MXP

GET
H2 200 main-5d6220b8ff0653e4acdd.js Show response
www.brighteon.com/_next/static/runtime/ Frame 580A 18 KB
7 KB 210ms
208ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/runtime/main-5d6220b8ff0653e4acdd.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa2a56be8f3774a4277a3f26c4c225923bc553f3c30a781099d7be32fe898ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"485f-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e73374a-MXP

GET
H2 200 123e19f2.05b1403085434b076ba4.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 369 KB
103 KB 201ms
199ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/123e19f2.05b1403085434b076ba4.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ebcb123b52beb96aed11e884ceba7f59f0fdfab3d2e9e5a7d8b5b55c827407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"5c379-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e74374a-MXP

GET
H2 200 4e3c7b48.44ccdc248a39115127c1.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 177 KB
48 KB 190ms
189ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/4e3c7b48.44ccdc248a39115127c1.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3e9d07be4e2e798382f9f38131e602b8b8a095cca88db5a1421b971b672cb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2c2ec-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e75374a-MXP

GET
H2 200 59e3f217.85f6bb14d45b88f61cc2.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 177 KB
47 KB 163ms
161ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/59e3f217.85f6bb14d45b88f61cc2.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 233119494631d8322dbe9a6ddc6ea9487cb66c97a1c0c30011f41cb64f0525eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2c2ee-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e76374a-MXP

GET
H2 200 9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 714 KB
203 KB 166ms
164ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded53c7867f03c1b9f6f5ef2adaf5f41bd0aa99d1a8a4592a22b5a95b084d7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"b2825-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e77374a-MXP

GET
H2 200 9e9c79d6d232b032827ca67255567389a62eecfc_CSS.9d25e9a97bf02ec2589a.js Show response
www.brighteon.com/_next/static/chunks/ Frame 580A 62 B
141 B 202ms
200ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc_CSS.9d25e9a97bf02ec2589a.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad94f954cf93d38009e614cf9bc41b91fff4cbd642e049e0cde7c96bd5a1589b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"3e-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d04e78374a-MXP

GET
H2 200 5b6d055b-bdb3-4709-83a5-72398f980cce
photos.brighteon.com/poster/ Frame 580A 2 MB
2 MB 567ms
471ms Image
image/png 2600:9000:206f:6a00:1:93c2:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.brighteon.com/poster/5b6d055b-bdb3-4709-83a5-72398f980cce
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:1:93c2:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54854c7f9b5e9798209726ee090515056d053f86b07584995b223198651517db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified: Thu, 24 Oct 2019 18:06:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "73d49e253d688ab0091aee7205edc468"
x-cache: Miss from cloudfront
x-amz-meta-optimized: true
accept-ranges: bytes
content-type: image/png
content-length: 1609936
x-amz-cf-id: IEE5feGb7RSI8PlzwFVcYfLWGery2--Szj9qyP4UFpFK5A0_V5LA3g==

GET
H2 200 _buildManifest.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/ Frame 580A 9 KB
2 KB 174ms
174ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/_buildManifest.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3af35c7c78920e43c1b1d3b01a0d8d817f6a5d6dcb8ec1eaa768ff920336b2c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2302-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d06e91374a-MXP

GET
H2 200 _ssgManifest.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/ Frame 580A 76 B
136 B 174ms
173ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/_ssgManifest.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"4c-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d06e92374a-MXP

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54E5 0
0 48ms
48ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFiVKUUB3nI2FKEZXIK9usUfpeZDPBfln_qfxz-qIHB9jH7ELyIY_RjGihKM1H6iMlbL0TbI7VsnfqQS9w3jzp5zjX-a4TnB99jvluCyYVmtd7kjEj3vn8pCwr-dg6BuImeuoP9o67OKWsYQ8lLjRnAx-tY2-HkDQBoWlCBGceXE6EmQH9aSrT667Y24hIZrvLPB5jTBbc2OIwFxQIAmrAYBXqVu4nmSgJ61N5vM8zmPCvhlUDWvlpm4Xf1hf50G8X2YF4Qo-okHYIDk50DTDhnmbowPrmLEryXeaFMJEfaiU7h7kKTaQ-Vst10MXI5E2sqOFIBkCl2J-SNDMUzu0por3Xi9tkEw&sai=AMfl-YRNTc5atEonxW50vSKVpZBDMriMaIew2-1m8_A1xMMLbiUiUToJjv_Zc4b3AIkTMjgp8EqWVNtC-R4-dck6KjMQLUkq6rtYmIK2aDMkEZHul0OPnUddOiUEVMvyWVwK&sig=Cg0ArKJSzCNooNaMSDFFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 20 Feb 2022 01:14:27 GMT

GET
H2 200 t.js Show response
kloperd.com/ Frame 54E5 39 KB
11 KB 72ms
20ms Script
application/javascript 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1708fe250d9ec56e5e0603b95d5ce012d825b156968ec40057a5de7e1a535a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 11:59:04 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 11:54:33 GMT
server: AmazonS3
age: 47724
etag: W/"3134cec1d90321e84b2191dc3940bd11"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-version-id: taoJE6SJa7veFGfQKI4VRaAw1wMgBOdy
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: K4XH01EexTq0v7VBPW6OtGbNE9l8IQi0ROPuHbdmI2-Uvi-8cTcOqQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54E5 124 KB
38 KB 68ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:14:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 98ms
37ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-116960692-1&cid=498148452.1645319667&jid=1792564996&gjid=373845247&_gid=310160179.1645319667&_u=aGBAgUIhAAAAAE~&z=1648900157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Feb 2022 01:14:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=2001753584&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&ul=en-us&de=UTF-8&dt=Deep%20state%20in%20total%20panic%20as%20Durham%E2%80%99s%20investigation%20confirmed%20to%20have%20transitioned%20to%20CRIMINAL%20phase%E2%80%A6%20indictments%20imminent%20%7C%20SGT%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUIh~&jid=1792564996&gjid=373845247&cid=498148452.1645319667&tid=UA-116960692-1&_gid=310160179.1645319667&z=1539823018

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 19:57:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19009
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 4CB0 86 KB
30 KB 77ms
67ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15851"
vary: Accept-Encoding
x-hw: 1645319667.dop005.ml1.t,1645319667.cds224.ml1.hn,1645319667.cds019.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 ac70fec7.e49a4bcb.chunk.css
www.brighteon.com/_next/static/css/ Frame 4CB0 279 KB
41 KB 38ms
36ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/ac70fec7.e49a4bcb.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17e3e8a4f0c89f19ebb33507b914795f9552f48675cf8ff47ffe189acbc8206

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"45c15-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07e9d374a-MXP

GET
H2 200 5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.90493a32.chunk.css
www.brighteon.com/_next/static/css/ Frame 4CB0 24 KB
5 KB 48ms
46ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.90493a32.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b21fd316eb51808b1c69007b561f221c69326645de4602ab47910c3a3a9ffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"6134-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07e9f374a-MXP

GET
H2 200 styles.acfb08e3.chunk.css
www.brighteon.com/_next/static/css/ Frame 4CB0 105 KB
16 KB 44ms
42ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/styles.acfb08e3.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0d168b94a8319d5ed646253def036e4d7c9e3e9d7b763aa40a99404db715d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"1a267-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea0374a-MXP

GET
H2 200 9e9c79d6d232b032827ca67255567389a62eecfc_CSS.bae6db6c.chunk.css
www.brighteon.com/_next/static/css/ Frame 4CB0 57 KB
13 KB 48ms
46ms Stylesheet
text/css 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/css/9e9c79d6d232b032827ca67255567389a62eecfc_CSS.bae6db6c.chunk.css
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ec8e7e20fb292cd502fb44092748f0071f378427e522f0e53144f140d62903

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
age: 211994
etag: W/"e3f1-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea1374a-MXP

GET
H2 200 _app.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/ Frame 4CB0 77 KB
18 KB 221ms
219ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/_app.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ca59d830534fae59adb49eaf177ef88043998381e55079d5bcd9ee1e935f28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"1325f-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea3374a-MXP

GET
H2 200 %5Bid%5D.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/embed/ Frame 4CB0 14 KB
5 KB 220ms
215ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/pages/embed/%5Bid%5D.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0308193c927df3ebc7203ef913ef64ad285ddd7cc0883320a023facf7bf4df9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"37f1-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea4374a-MXP

GET
H2 200 webpack-83bd83ab777f80a6c75c.js Show response
www.brighteon.com/_next/static/runtime/ Frame 4CB0 1 KB
858 B 174ms
169ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/runtime/webpack-83bd83ab777f80a6c75c.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f9cfdc969fcfa0ba6f76de8cc24f3872b1c039b3bb284612242954d7d50f26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"5fb-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea6374a-MXP

GET
H2 200 framework.36b6a3d04cd6912f17c7.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 126 KB
41 KB 173ms
169ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/framework.36b6a3d04cd6912f17c7.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49468e194f1bbf67036d4379e428619e592bf6ded18ff17cb5fe423e91dabe5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"1f966-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea7374a-MXP

GET
H2 200 c78d26b1.dc78a7cdff412651ee16.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 70 KB
25 KB 268ms
263ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/c78d26b1.dc78a7cdff412651ee16.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb911be31d77d8e291d544e896cb937f37188212f42f0d2c0d22ebd9c098303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"117b4-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea8374a-MXP

GET
H2 200 e971612a.372aa1fd207d6a61f8fb.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 58 KB
19 KB 173ms
168ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/e971612a.372aa1fd207d6a61f8fb.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834f8bbe14ef3ba46b460a53b69b49b8c787808b8eac72312fb060940a76b1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"e710-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ea9374a-MXP

GET
H2 200 ac70fec7.5b365d0616318c727fbb.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 62 B
138 B 173ms
168ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/ac70fec7.5b365d0616318c727fbb.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e538ecf20266125f832923a584a2a959f6ccb7a45958935fe62db14753799f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"3e-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eab374a-MXP

GET
H2 200 cc3e3cd0c287601c8e79039d8c98e7404418ff56.eaf9f27804f7baa24bed.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 6 KB
2 KB 167ms
162ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/cc3e3cd0c287601c8e79039d8c98e7404418ff56.eaf9f27804f7baa24bed.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6dcc6072189207134891ac28b07080289216f14d95f3b82141401a7a94eba84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"18de-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07ead374a-MXP

GET
H2 200 5fef077c279e28f9ea146fff8cad39c8fb20a758.8a64f400dd6c7086e148.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 24 KB
9 KB 218ms
213ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/5fef077c279e28f9ea146fff8cad39c8fb20a758.8a64f400dd6c7086e148.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c28a2e512cbd84cc8bf6264a77ff38ce59c0964876e71e00c82124e367d03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"5e4f-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eae374a-MXP

GET
H2 200 ca928cf6b0acad97cb25cd239ed50bd4b7829108.4be2461f20de5d6b0845.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 341 KB
80 KB 166ms
161ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/ca928cf6b0acad97cb25cd239ed50bd4b7829108.4be2461f20de5d6b0845.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b1c7c573797b5216fd472808ff7be94a01a720143b01b22c702966c09e8a925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"55269-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eaf374a-MXP

GET
H2 200 cbba2530994d4cbe69116171353966f0a5c30944.37d2290aa7395e56ae47.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 20 KB
7 KB 179ms
175ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/cbba2530994d4cbe69116171353966f0a5c30944.37d2290aa7395e56ae47.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4483b5c07abde8246a41eec51ee0b3f9b97eb1fe1c90f985939b373a5a4cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"503c-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eb3374a-MXP

GET
H2 200 89bde0b78484d8bb601b94f8556a2d401b7a3f6a.a801f67ab9d8fb1b52ce.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 83 KB
16 KB 172ms
168ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/89bde0b78484d8bb601b94f8556a2d401b7a3f6a.a801f67ab9d8fb1b52ce.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aae70129991aa071284777e8bd60464304f703ba69427984f8093720b253e65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"14d8d-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eb5374a-MXP

GET
H2 200 68a1817c9f807a48399400048ef9c109f89de2e3.828fd5fec8a4d07ffb64.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 116 KB
38 KB 249ms
245ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/68a1817c9f807a48399400048ef9c109f89de2e3.828fd5fec8a4d07ffb64.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a118de874144310325ff23f13195e5c064d59628b63667b3bce152ba338232

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"1cfe4-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eb6374a-MXP

GET
H2 200 8d2b4485921728d17064a14c071a4e1bd89d001a.97663de7f0cb5749fbbe.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 54 KB
15 KB 245ms
241ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/8d2b4485921728d17064a14c071a4e1bd89d001a.97663de7f0cb5749fbbe.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0695dc05fc1251444c66cd42590ac99a996a9ad2c20dc3124f97e345e3c91ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"d931-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eb7374a-MXP

GET
H2 200 bc3efbd84888ae4835009894dd945f2db859a4cc.8b0e3b418de854016220.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 24 KB
8 KB 218ms
213ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/bc3efbd84888ae4835009894dd945f2db859a4cc.8b0e3b418de854016220.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c1e8eb9fca06245ec5e8b484959c806baed43e99684852f7f49f5c12c82b24c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"6047-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eb8374a-MXP

GET
H2 200 6abf8ae9708afacca804b9d81f511314745dfa33.eb3dd5023363522320b7.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 10 KB
3 KB 165ms
161ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/6abf8ae9708afacca804b9d81f511314745dfa33.eb3dd5023363522320b7.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ac5a278088cf100f06a1b2e0f5b930b0b1066b37766b0c5edf54663b971ae9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2660-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d07eb9374a-MXP

GET
H2 200 5404bfd4ec5035cbeea32f60f2cd63db175d7280.df372e10d23d0f6c4413.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 42 KB
12 KB 271ms
267ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/5404bfd4ec5035cbeea32f60f2cd63db175d7280.df372e10d23d0f6c4413.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932e9a0030a21226f1fdf3a30c2555954981a03e1b79ad7931067b59618d809d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"a69d-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ec8374a-MXP

GET
H2 200 5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.03c745168c9d799f7ffc.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 62 B
126 B 268ms
264ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/5404bfd4ec5035cbeea32f60f2cd63db175d7280_CSS.03c745168c9d799f7ffc.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46617a911a33e19a65d77579de3380778907bd842374c5c86a7feb67f737dd7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"3e-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ecb374a-MXP

GET
H2 200 styles.dea5c25f601dfbadb4f2.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 1 KB
390 B 245ms
242ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/styles.dea5c25f601dfbadb4f2.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14602de7ec18e2662be60f82fbdbc9561a4df72457aa3b690985be1f22987475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"4a5-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ecc374a-MXP

GET
H2 200 main-5d6220b8ff0653e4acdd.js Show response
www.brighteon.com/_next/static/runtime/ Frame 4CB0 18 KB
7 KB 215ms
213ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/runtime/main-5d6220b8ff0653e4acdd.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa2a56be8f3774a4277a3f26c4c225923bc553f3c30a781099d7be32fe898ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"485f-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ecd374a-MXP

GET
H2 200 123e19f2.05b1403085434b076ba4.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 369 KB
103 KB 215ms
214ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/123e19f2.05b1403085434b076ba4.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ebcb123b52beb96aed11e884ceba7f59f0fdfab3d2e9e5a7d8b5b55c827407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"5c379-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ed0374a-MXP

GET
H2 200 4e3c7b48.44ccdc248a39115127c1.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 177 KB
47 KB 176ms
174ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/4e3c7b48.44ccdc248a39115127c1.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3e9d07be4e2e798382f9f38131e602b8b8a095cca88db5a1421b971b672cb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2c2ec-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ed3374a-MXP

GET
H2 200 59e3f217.85f6bb14d45b88f61cc2.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 177 KB
47 KB 279ms
277ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/59e3f217.85f6bb14d45b88f61cc2.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 233119494631d8322dbe9a6ddc6ea9487cb66c97a1c0c30011f41cb64f0525eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2c2ee-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ed4374a-MXP

GET
H2 200 9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 714 KB
203 KB 272ms
271ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded53c7867f03c1b9f6f5ef2adaf5f41bd0aa99d1a8a4592a22b5a95b084d7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"b2825-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08ed8374a-MXP

GET
H2 200 9e9c79d6d232b032827ca67255567389a62eecfc_CSS.9d25e9a97bf02ec2589a.js Show response
www.brighteon.com/_next/static/chunks/ Frame 4CB0 62 B
126 B 269ms
267ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc_CSS.9d25e9a97bf02ec2589a.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad94f954cf93d38009e614cf9bc41b91fff4cbd642e049e0cde7c96bd5a1589b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"3e-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08eda374a-MXP

GET
H2 200 7d94483a-9ec5-49cd-8c86-beab7294bdee
photos.brighteon.com/poster/ Frame 4CB0 1 MB
1 MB 530ms
460ms Image
image/png 2600:9000:206f:6a00:1:93c2:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.brighteon.com/poster/7d94483a-9ec5-49cd-8c86-beab7294bdee
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6a00:1:93c2:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96c05dd253769b774ba6b472977a80a56bae04872a1d58f8d6081c5806949a7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified: Wed, 23 Oct 2019 16:29:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "d967ba283b86346f2ebbec70a6b7fd0a"
x-cache: Miss from cloudfront
x-amz-meta-optimized: true
accept-ranges: bytes
content-type: image/png
content-length: 1215535
x-amz-cf-id: QTETJHW_vYewCdmiiA7No6wrOOCaQDLtiRbrFWrRGtPeunHwouAtGA==

GET
H2 200 _buildManifest.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/ Frame 4CB0 9 KB
2 KB 231ms
231ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/_buildManifest.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3af35c7c78920e43c1b1d3b01a0d8d817f6a5d6dcb8ec1eaa768ff920336b2c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"2302-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08edb374a-MXP

GET
H2 200 _ssgManifest.js Show response
www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/ Frame 4CB0 76 B
121 B 179ms
179ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighteon.com/_next/static/u0G-RsVWzDpMQ4ETiQlSr/_ssgManifest.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jan 2022 07:45:54 GMT
server: cloudflare
etag: W/"4c-17e9fa5db50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 6e03e0d08edc374a-MXP

GET
H3 200 sgtreport.com.372834.es6.js Show response
jsc.mgid.com/s/g/ 251 KB
73 KB 182ms
182ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/s/g/sgtreport.com.372834.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372834.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8330e9ffee2fc5c6316a3d51b0926bdb168ffbba04638c3709c9240d7eab5bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: E877BV3XTYXCG0YT
last-modified: Mon, 14 Feb 2022 04:32:37 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9JX+c1z073LPgRKRtShGniz/+joBFOuA08LHIVH5/0jlkMcpOV21D5wHlVgbLtmncLZr8h6NJbs=
cf-bgj: minify
server: cloudflare
etag: W/"9315be1ac82bfbc491705e8e0a0db698"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6e03e0d08b5c5b98-FRA
expires: Sun, 20 Feb 2022 04:14:27 GMT

GET
H2 200 mgWidget_1.11.83.es6.js Show response
cdn.mgid.com/js/wglibs/ 316 KB
63 KB 44ms
33ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.83.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372834.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1092d22a99ff35e266d2518b015ccc0f91f758612d62a9d3723a59b43e42a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 5264
last-modified: Thu, 10 Feb 2022 14:12:22 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SFQHS6JJYGBCGRV1
x-amz-id-2: j/GhuO7NwNxVXuJKsTyTygVlmok0uNz8lXJ3KHEr79vlXrSvX0WmAZBmx+YpdP7rfnYOAHY/eG0=
cf-bgj: minify
server: cloudflare
etag: W/"26c1d3f209caf6d960b4cdf26f441af9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 6e03e0d09b1092b7-FRA
expires: Mon, 21 Feb 2022 01:14:27 GMT

GET
H2 200 delivery.js Show response
assets.newsmaxwidget.com/master/ 190 KB
62 KB 78ms
29ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.newsmaxwidget.com/master/delivery.js
Requested by: Host: static.newsmaxfeednetwork.com
URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/xKdmbX45rqIH8bHCkG3Fae/bootloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66858a18f40bc94d285007156809f27a286d2d3c001f1050d62eff2185968709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 19:36:32 GMT
server: AmazonS3
x-amz-request-id: T3ASKMCRMAXNMWKG
etag: "cb93a8da23412b736f7906242544502c"
x-hw: 1645319667.cds241.fr8.hn,1645319667.cds288.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63369
x-amz-id-2: t6xmpaAeULCTLLnTrctPb65o/ii+LWgmd/gYxlXPm2wrAM7dTGyaKuSwW7uI40DEdQFvP+DfNnM=

GET
H2 204 generic
trends.newsmaxwidget.com/event/ 0
182 B 186ms
81ms Image
text/plain 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&s[hash]=xKdmbX45rqIH8bHCkG3Fae

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 8F47 400 B
1 KB 93ms
34ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: 7+YL88skjmyMynqzr+sfHPaBZVK7iI3beXNbd4ArkLKvr65z8P2OjkIo57+CVWUCbTRWDLhAd3AJRllgAFkwVA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Feb 2023 12:45:18 GMT

GET
H2 200 output.js Show response
www.zergnet.com/ 6 KB
2 KB 128ms
128ms Script
application/javascript 52.22.187.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/output.js?id=64538&time=1645319667299&sc=1&callback=json7796496
Requested by: Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=64538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.187.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-187-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9e245db4f1b98091b9f8fd81672391454d32a734f44880757ef822bd80ab6647

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
server: nginx
p3p: CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SkN1VM23VLH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y-/l/de_DE/ Frame 8F47 521 KB
137 KB 100ms
48ms XHR
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y-/l/de_DE/SkN1VM23VLH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3dae3d45394340306f805d6cd86fc1981c1a378308e37910f3f242157f0abb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WpfbaLoo+hyr4GnolJQPRg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 139203
x-fb-rlafr: 0
x-fb-debug: Jak64A6jnEuCDJM8rSzMY/kVvf8XJ6CJf21lR6WmEEvwipKA9mVzIPNFm53DAgWYGHgcmxq6m2jAuyrC82pzrg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 19 Feb 2023 01:55:03 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 419F 232 B
447 B 240ms
161ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f617ff35cb5363c34f43b0724e892af12da1aaa9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.sgtreport.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 110
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Sun, 20 Feb 2022 01:14:27 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 9ea5fe420dbcff773b9e37c95229f09f6ec320f6da2fe7f8487b7d7afaf7eee0
content-length: 166

GET
DATA 200
OK truncated
/ Frame 54E5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73c880a4f8aa88252c1221c01f81396cda7d05b3f213881fabb6844e49bf4585

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 xe5quy0sq7u0ki3uk70hy.json Show response
kloperd.com/c/ Frame 54E5 1 KB
2 KB 158ms
56ms Fetch
application/octet-stream 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/c/xe5quy0sq7u0ki3uk70hy.json
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e2125ef84000f0aeee5d9dc666315e264536935c985f86904674ad3eced30a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: OPAcgrXhlUrr2GBmC1pGGQ7qw8ULcY8Z
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Fri, 04 Feb 2022 21:21:39 GMT
server: AmazonS3
age: 63981
etag: "94bda04a448f73e99c8f8d1b2a46bb1d"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
date: Sat, 19 Feb 2022 07:28:07 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1310
x-amz-cf-id: oQLM5hbzQzi-5LiQy1-mPwdgXoo94pyb2ohF_od8ShPXTU7TqeGghA==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 167ms
56ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2031
date: Sun, 20 Feb 2022 01:14:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 166ms
55ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1035
date: Sun, 20 Feb 2022 01:14:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 164ms
55ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 858
date: Sun, 20 Feb 2022 01:14:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54E5 0
0 84ms
84ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_qy0ANAZZQu1NzbO_nMjWWLjBz6CVQ6NIHmB6AI0nAebf0ccDtpVQPmLaAlW9BU2pqRmrxPygmiNiaU2kI325laf4BW-8fgffHGg4EQRGi8elVzuwQvLreNOg5f3TXFiGJNcyWyueB8j0MHXt1ShI7pWV7svsvLDNXqjRkfEBhi3uVz5ZQj6j78_MsfAI7JfBMwiIzKeQWUsqqvbglk1ZF59JRGKMBOTmOr_KHoEclOLYyP7mYDeOqkP0yp9fB2Er6LeK9U0x2kZipJwekylG9BOoqoWzPh_azmIBLVmfuSh-qCyjEtJiwE5htYqBShIoriVtlfwo41REddGOffVKZ6S4MU6IZETE&sai=AMfl-YQLJ9_5Ez25PS7dUPZwzJ-4F0k2NGflUgszH3uqSkrv6yrayw8anlLV69ZR-I1Z5z_Xj9waB7MDF4wty1r_OL9WV21A5JLHT9SqhYaw5zuUMo2Y08wvc8F0PTmM44bo&sig=Cg0ArKJSzCJZKr_UKx50EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 20 Feb 2022 01:14:27 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 28 KB
11 KB 524ms
524ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=184949&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&icr_url=&va=0&time=1645319667443&up=pc&bn=chrome&bv=98&widget_width=789&style_id=0&idhub[pubcid]=ba06b099-7cda-47e9-aff7-ff1e7fc5a1cb

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

c7961c16762a0299d27bdbdd04e1dcf0059d199fb73f7425275bb448469f271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 11227

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 29 KB
12 KB 183ms
182ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=184950&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&icr_url=&va=0&time=1645319667444&up=pc&bn=chrome&bv=98&widget_width=225&style_id=0&idhub[pubcid]=ba06b099-7cda-47e9-aff7-ff1e7fc5a1cb

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

79e9a04018da79876b60fdd8c748122ff327b62f2f969279f4a5c5429e77c430

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 11966

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame E053 45 KB
17 KB 112ms
50ms Script
text/javascript 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: customads.co
URL: https://customads.co/lad/8773791841012071?pubid=ld-7837-487&pubo=https%3A%2F%2Fwww.sgtreport.com&rid=&width=789

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://customads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5338
date: Sat, 19 Feb 2022 23:45:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sun, 20 Feb 2022 01:45:29 GMT

GET
H/1.1 200
OK 7065104_300.jpg
img1.zergnet.com/ 29 KB
30 KB 240ms
55ms Image
image/jpeg 52.222.188.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.zergnet.com/7065104_300.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.188.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-188-9.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fe4fee4323cd665841cacb391f5e0683b018c44a7688f3d6ba9ba282bb11bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 17:51:18 GMT
Via: 1.1 a1c4b15d670dc9e4a6cbea1be6412324.cloudfront.net (CloudFront)
Age: 199390
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 29662
Last-Modified: Thu, 17 Feb 2022 17:37:56 GMT
Server: AmazonS3
ETag: "d67b2c82f548e8de769c93b0d1a48a18"
x-amz-version-id: AOXvP5X0Skfjx0SQIQ1Lzm0_axvmnU16
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: HAM50-C2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: HT1pVjX5WWsBUv9Np2T83uewUqUcUFEoujaN9NrUt5bADCBQwFlPkA==
Expires: Fri, 17 Feb 2023 17:37:55 GMT

GET
H/1.1 200
OK 6991916_300.jpg
img1.zergnet.com/ 32 KB
33 KB 220ms
37ms Image
image/jpeg 52.222.188.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.zergnet.com/6991916_300.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.188.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-188-9.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 763db9195ac49fa3f6694511e42fce415a9922e570ce067f3dd79ce3a2b8b2d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 15:53:28 GMT
Via: 1.1 8640a37b586353bc916562c577770222.cloudfront.net (CloudFront)
Age: 3403260
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 32979
Last-Modified: Tue, 11 Jan 2022 15:44:09 GMT
Server: AmazonS3
ETag: "3acec63492c8a543e74b9290e9ed29cd"
x-amz-version-id: f8QgsI2GK.f8QLDrBblTvb0uwNLSHppd
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: HAM50-C2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: oFfup-qTkLvGNpdBJmidoXRHJN8Xofa1FzQS2BgeeeQACU1rqL0LEQ==
Expires: Wed, 11 Jan 2023 15:44:08 GMT

GET
H/1.1 200
OK 6661329_300.jpg
img2.zergnet.com/ 17 KB
18 KB 178ms
34ms Image
image/jpeg 65.9.63.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/6661329_300.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b486f3c72db3452ab4a0349f9e75f463b919de822765d06652f92c628b6aae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 05:10:38 GMT
Via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
Age: 15019430
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 17576
Last-Modified: Thu, 22 Jul 2021 18:49:32 GMT
Server: AmazonS3
ETag: "9dedbaaa71a5fb6b8af927fb267a7885"
x-amz-version-id: D_oaDOfkRDQvNu2hcyK32Ifu5ot0bX_P
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: QGW8VII5yJeohbUTYNqbz0kMxJfOiXW-iXesGqOA5jhREzi3YlnNLA==
Expires: Fri, 22 Jul 2022 18:49:31 GMT

GET
H/1.1 200
OK 7004405_300.jpg
img2.zergnet.com/ 21 KB
21 KB 144ms
43ms Image
image/jpeg 65.9.63.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/7004405_300.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fd42fed19024e13c7ae7a34cded96eef27d6532fe8af4f07f45ba10ad795965

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 19:15:38 GMT
Via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
Age: 2786330
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 21308
Last-Modified: Tue, 18 Jan 2022 19:03:28 GMT
Server: AmazonS3
ETag: "fa06725f5ec196548d6918357d74affc"
x-amz-version-id: xG3dfIg5wgNc1KdqKwvhDwmNB_xYZdT4
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: CUVdcetipXPlE-QndFBpY4LCXVqPVD4EtCjlOA_abKy7Yi_OLswqCA==
Expires: Wed, 18 Jan 2023 19:03:27 GMT

GET
H/1.1 200
OK 6977508_300.jpg
img1.zergnet.com/ 21 KB
22 KB 144ms
36ms Image
image/jpeg 52.222.188.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.zergnet.com/6977508_300.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.188.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-188-9.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f4da0b5cd0dde363870c748b00293b13ff4ccc98032378be85794c4776656e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 05:01:38 GMT
Via: 1.1 2e44a3b2c1d0f478404fb20d9971a778.cloudfront.net (CloudFront)
Age: 2923969
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 21552
Last-Modified: Mon, 03 Jan 2022 21:42:39 GMT
Server: AmazonS3
ETag: "0255112a24da9ed5e6ff2876b40a3d38"
x-amz-version-id: VDd2nIbhSA6u2m6e2hF.XqaK6oIDQZvS
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: HAM50-C2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: NSFMzNaR4KVDu2m6IXB0reWkuMVyxezYg0qZB9kS4ZZvYIvzVxKJqQ==
Expires: Tue, 03 Jan 2023 21:42:38 GMT

GET
H/1.1 200
OK 7058432_300.jpg
img1.zergnet.com/ 22 KB
23 KB 143ms
40ms Image
image/jpeg 52.222.188.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.zergnet.com/7058432_300.jpg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.188.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-188-9.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed9c578b58dfc0a88b5f89ad3de8593d8987e798aace7327ef4fe48323c87692

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 20:58:38 GMT
Via: 1.1 91f3147e9f66b9e5e2ff9fa00ee626c0.cloudfront.net (CloudFront)
Age: 447350
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 22613
Last-Modified: Mon, 14 Feb 2022 20:46:11 GMT
Server: AmazonS3
ETag: "755d8d4a54f11bf6d91af522ebd1103a"
x-amz-version-id: RCHKczUcScP6EBYBn3znIDTlQK.WfaLw
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: HAM50-C2
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: 1OBfaWkevTBvtT6qF8RXQ1V2ILq_jY7iZyWiHKU8yKSM5ARG9hwfVQ==
Expires: Tue, 14 Feb 2023 20:46:10 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 61ms
61ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1322
date: Sun, 20 Feb 2022 01:14:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=9b7HD3xJZnZWMmNqbTlJcnFjY1hhd1VWMy91cHBWeUk3MUIyTVd5WUliTnQ3WU5LbEE1ZHU1MEZpSnk1eWhVTStuU3BkRWVYdW5ETE9oTHFHNTl1NXdWUk9mVXV4R1ZZWFBTK3BJZUxyamM2bmxIaFJQVHJrSFliRjFKRm...

342 B
610 B

39ms
39ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9b7HD3xJZnZWMmNqbTlJcnFjY1hhd1VWMy91cHBWeUk3MUIyTVd5WUliTnQ3WU5LbEE1ZHU1MEZpSnk1eWhVTStuU3BkRWVYdW5ETE9oTHFHNTl1NXdWUk9mVXV4R1ZZWFBTK3BJZUxyamM2bmxIaFJQVHJrSFliRjFKRmNhcFExVk9zNmtrVzdXV211Z1d4aUZsQ3JYQUhja3NTSlpaeWJBa3NqLzlCQkJEclJqWGZEck8zZi9Jc0ZDRHNlYTJ0Z2J0UmsycHlLSHVYRUN6NDlrdDZpQkFvUU9taU01eDNFRFNWVHIzWTArVTNJdjZqUWFCK05SMWY2QXRRSmQwSmF3Sm85fA&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

58c4b1d1f89184afd8aba7e54541a3c2735ed87d851f08722b5549a646d70229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2811
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
location: https://mug.criteo.com/sid?cpp=9b7HD3xJZnZWMmNqbTlJcnFjY1hhd1VWMy91cHBWeUk3MUIyTVd5WUliTnQ3WU5LbEE1ZHU1MEZpSnk1eWhVTStuU3BkRWVYdW5ETE9oTHFHNTl1NXdWUk9mVXV4R1ZZWFBTK3BJZUxyamM2bmxIaFJQVHJrSFliRjFKRmNhcFExVk9zNmtrVzdXV211Z1d4aUZsQ3JYQUhja3NTSlpaeWJBa3NqLzlCQkJEclJqWGZEck8zZi9Jc0ZDRHNlYTJ0Z2J0UmsycHlLSHVYRUN6NDlrdDZpQkFvUU9taU01eDNFRFNWVHIzWTArVTNJdjZqUWFCK05SMWY2QXRRSmQwSmF3Sm85fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1645
content-length: 509
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 58ms
57ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1580
date: Sun, 20 Feb 2022 01:14:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=GWz7hHxVbHdaa1U5TWRBcDNtUEZqYVM1NEFTL1hnS0pqM2VzRlpOd1RDN3U2TkhrNEwzNklEcmtXbmc1RlVOUGxJME93YzdLZXJXRFZHeUlCRldwbHlmbHZlNitJOHZmTzJ5VnFkWUV1YlBnVEdnRWRHQk5FRXIvRm94Vy...

350 B
617 B

39ms
38ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GWz7hHxVbHdaa1U5TWRBcDNtUEZqYVM1NEFTL1hnS0pqM2VzRlpOd1RDN3U2TkhrNEwzNklEcmtXbmc1RlVOUGxJME93YzdLZXJXRFZHeUlCRldwbHlmbHZlNitJOHZmTzJ5VnFkWUV1YlBnVEdnRWRHQk5FRXIvRm94Vys1OGJrNlJQaGh6RzNwdklaOUZNckQxK2RwMmZmVkpyZVYvWmFFb0JhUk9BQW1UQmVKL1E3K3RjMVdHSWYwaGNhYkZ4NUt3VlZZb2EvTEQyRWJtd2VTeHVHU2NXcXNTMlR6QWxHVTkrLytqVGJBSjdqNDduUSsyZG85cnVRbU9CeWcxNWU4Vy90fA&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

74f54cc2378c85fd78d208e6eea39ec2fd520a1365ee8e22415abb0120998f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2591
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
location: https://mug.criteo.com/sid?cpp=GWz7hHxVbHdaa1U5TWRBcDNtUEZqYVM1NEFTL1hnS0pqM2VzRlpOd1RDN3U2TkhrNEwzNklEcmtXbmc1RlVOUGxJME93YzdLZXJXRFZHeUlCRldwbHlmbHZlNitJOHZmTzJ5VnFkWUV1YlBnVEdnRWRHQk5FRXIvRm94Vys1OGJrNlJQaGh6RzNwdklaOUZNckQxK2RwMmZmVkpyZVYvWmFFb0JhUk9BQW1UQmVKL1E3K3RjMVdHSWYwaGNhYkZ4NUt3VlZZb2EvTEQyRWJtd2VTeHVHU2NXcXNTMlR6QWxHVTkrLytqVGJBSjdqNDduUSsyZG85cnVRbU9CeWcxNWU4Vy90fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1925
content-length: 509
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 54ms
54ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1608
date: Sun, 20 Feb 2022 01:14:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sgtreport.com%2F&domain=www.sgtreport.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=sXZqrXxoa2tLNXpXQm9NanNVRUFzYlgzWHFUUmorWGtUUW9MZTRhYUhSK0ZFTUFWVDdlS3QyZSs0VDZxWDUzek16dXNydEh4bWQxaHNvS0kwNWJrbjEwR1dyMU1qaFhRZTZ5WHlDcWN1RTBLNTRkbDRJdTBoNFpJVW5Vdm...

347 B
612 B

39ms
38ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sXZqrXxoa2tLNXpXQm9NanNVRUFzYlgzWHFUUmorWGtUUW9MZTRhYUhSK0ZFTUFWVDdlS3QyZSs0VDZxWDUzek16dXNydEh4bWQxaHNvS0kwNWJrbjEwR1dyMU1qaFhRZTZ5WHlDcWN1RTBLNTRkbDRJdTBoNFpJVW5VdmppYk9uTlVJa2kvcVpteHFGNzArblVONHZBeCthMVN1U2xCOXZZckM5RlBtMVJlc25LWnRsUXBGUzVEaU1qam1QSmJhZXpOYjJ5TDgwQWltbVFPT2NjempEMjZvSElBWDRURitVL1B0SDNxL2JhOEFDTjZJUGxrYTEvOUNQR1FyYk1YVWlFNEx0fA&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b06146f77a690e13319eb29435f10b5d6750fd7c70ed8ca077e4a89ebfea6968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:26 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2350
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:27 GMT
location: https://mug.criteo.com/sid?cpp=sXZqrXxoa2tLNXpXQm9NanNVRUFzYlgzWHFUUmorWGtUUW9MZTRhYUhSK0ZFTUFWVDdlS3QyZSs0VDZxWDUzek16dXNydEh4bWQxaHNvS0kwNWJrbjEwR1dyMU1qaFhRZTZ5WHlDcWN1RTBLNTRkbDRJdTBoNFpJVW5VdmppYk9uTlVJa2kvcVpteHFGNzArblVONHZBeCthMVN1U2xCOXZZckM5RlBtMVJlc25LWnRsUXBGUzVEaU1qam1QSmJhZXpOYjJ5TDgwQWltbVFPT2NjempEMjZvSElBWDRURitVL1B0SDNxL2JhOEFDTjZJUGxrYTEvOUNQR1FyYk1YVWlFNEx0fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2069
content-length: 509
expires: 0

GET
H2 200 / Show response
trends.newsmaxwidget.com/api/demand/ 52 B
267 B 58ms
58ms Fetch
text/html 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.newsmaxwidget.com/api/demand/?w=167396&wlw=newsmaxwidget.com

Requested by

Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.newsmaxwidget.com/ 0
0 55ms
55ms Fetch 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.newsmaxwidget.com/sync
Requested by: Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2B93 82 KB
27 KB 38ms
37ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c08ecc6cd26974a044a07ec2417c53ae15548d8ae91b73f335719cb6acd02b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27551
x-xss-protection: 0
server: sffe
etag: "1137 / 376 of 1000 / last-modified: 1645225613"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 20 Feb 2022 01:14:27 GMT

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 2B93 368 KB
109 KB 148ms
46ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3880
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydxISZJoiuK6ZnMXVVkIVyQHd5fuMTUnONcRbOxfEw3G4bmQQiXrmAzVWGGHU0fEREPU34WkQJoiHid%2B6tj2dgLloDKo697heFDxWq5Q%2BchpD4G0Fa8R4K%2B%2BskZIadqIdU0docs6CrMI4gI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d3afddd610-MXP

GET
H2 200 p.html Show response
kloperd.com/r/ Frame EB33 10 KB
3 KB 33ms
32ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=ajaqdoabmxf&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: pyK3jhMtEAXjRqAlesG_i85PY1iPga0yC9sP4M-3lgszbWN2zQqk8g==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 4786 10 KB
3 KB 33ms
32ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=qgldyytp&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rGbSAVVr2OV_ld6pxq7xEjiRJ0NOpZeJncheFExRp1B1jHZ_kgDJtQ==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 75B9 10 KB
3 KB 32ms
32ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=zfnjshxzl&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OQX2jsv-cAwSVTYSjUSLb6OmLlGQjdnLPeEQWC2koPEvmhDqcgitKg==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 8C7A 10 KB
3 KB 31ms
31ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=itvuazad&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mlVFDMIGjFdN7fLaq4Ih_sPRj6yfZ67n3ymY4J1U1KBWA2GItVXqyQ==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 0CE3 10 KB
3 KB 32ms
32ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=xbfojoa&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: b3GUEf2sD8OvW8wgHUqgceEuKwsztJbhThXoqkqVciTNZb3FCJHdnA==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 25AB 10 KB
3 KB 31ms
31ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=dsrziibjt&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: z-Bh3YWM1SvVCVgqDVfJsPSspdx--i5KHrshnAkBIGX5oE2cgmZmzg==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 219E 10 KB
3 KB 31ms
30ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=eunjajs&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jWsZ4z_juGQdPJEY75m_yFkV5tlMZZvRTfhfUps-6d1jmEZaGHlQqA==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame D9BD 10 KB
3 KB 30ms
30ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=lmsaqvyf&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 30CiES7sDArP1wCDjCSD5UdpBT9mVYtAdUUbSR8kPoF9m5iGjhdqEQ==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 4084 10 KB
3 KB 30ms
30ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=mgblvigba&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: EpY4DK1yog_InoN_Q43pdE8nHTuGRhBf1XebxUlFcMHOhhCwcb7ZUA==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame 07EB 10 KB
3 KB 30ms
30ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=drqex&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 5bRWoMR6KEcUecOBIP5OgRj1IZrNjslvrb8-Mxe42HXjc9HK0-lAAw==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame DBAB 10 KB
3 KB 50ms
50ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=hhgkapmva&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mFeC9shBGpu64RIxqPUdthT9XeAL2lFTogVoGwNGTAD_pxz5nstuPw==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame DF1B 10 KB
3 KB 49ms
49ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=doqzlmjfh&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 2Yn6RFkrTJCOsNFiVo-pLzYv2MIuwRauN13T_6kt3vcKY4bS61ofAw==
age: 12221

GET
H2 200 p.html Show response
kloperd.com/r/ Frame F0DA 10 KB
3 KB 49ms
49ms Document
text/html 65.9.63.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kloperd.com/r/p.html?f=fdnhadlr&e=1070549076851
Requested by: Host: kloperd.com
URL: https://kloperd.com/t.js?i=xe5quy0sq7u0ki3uk70hy&cb=9030051645319667227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

content-type: text/html
last-modified: Thu, 10 Feb 2022 21:27:08 GMT
x-amz-version-id: 6uJ9R0J9cSvwDG9czfOCav.ifivqcb2p
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Feb 2022 21:50:47 GMT
etag: W/"38b66a5f20dbb4b4a360733bd2cef070"
vary: Accept-Encoding Origin
x-cache: Hit from cloudfront
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: SYrGm3gAm2FUs6GfuWIlur138Impjunyswq8t_owat0OR_zgVtFXHQ==
age: 12221

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 37ms
36ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2599
date: Sun, 20 Feb 2022 01:14:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 36ms
35ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 973
date: Sun, 20 Feb 2022 01:14:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 35ms
34ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1111
date: Sun, 20 Feb 2022 01:14:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 / Show response
trends.newsmaxwidget.com/api/delivery/ 24 KB
10 KB 154ms
154ms Fetch
text/html 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.newsmaxwidget.com/api/delivery/?is_blocked=undefined&w=167396&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&icr_url=&va=0&time=1645319667713&up=pc&bn=chrome&bv=98&widget_width=225&style_id=0&idhub[pubcid]=ba06b099-7cda-47e9-aff7-ff1e7fc5a1cb

Requested by

Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

5ebba2aa264a8955c10917e114f68f4319817af984fe5c43b666de172127ef61

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 9555

GET
H/1.1 200
OK horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js Show response
platform.twitter.com/js/ 7 KB
3 KB 50ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE9) /
Resource Hash: f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:27 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 2473
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (mil/6CE9)
Etag: "29cf2e2367fd80ea2a4908fe0d316028+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 BrighteonWBA.js Show response
support.brighteon.com/Javascripts/ Frame 580A 117 KB
14 KB 40ms
29ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.brighteon.com/Javascripts/BrighteonWBA.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/runtime/main-5d6220b8ff0653e4acdd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 52c29db24b0d81253a2f8e93a9ac0a521692adde0201d25dc284de79a415f39a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Feb 2022 16:01:50 GMT
server: cloudflare
age: 1297
x-powered-by: ASP.NET
etag: W/"998c9824e23d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6e03e0d46a50374a-MXP

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 99ms
39ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:27 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 25 KB
8 KB 13ms
13ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5444cd7071930c438b16ad5b9b000e89459ef0a0b6b189fe49aee4d62e4da34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 19:36:35 GMT
server: AmazonS3
x-amz-request-id: WD4344MC1M0G8DW0
etag: "d648edfae19a1b83926765baf6b0e166"
x-hw: 1645319667.cds001.fr8.hn,1645319667.cds154.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 8006
x-amz-id-2: xKm168+8QN107h1JXmPEJRKkQM49R5Pp6D9EIHyrd99Pzb6HqXnVfGZsy0YnNAN85Lrpkcj8Gfs=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 18 KB
7 KB 14ms
13ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea5d33b2116aaeb744b91486635b1b946eca7886c17d74e235195d4b8a1196ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 19:36:33 GMT
server: AmazonS3
x-amz-request-id: WD4FREQVCQQQ6C93
etag: "9f9c16b79bcb6617b4652bc3e268a845"
x-hw: 1645319667.cds001.fr8.hn,1645319667.cds280.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6927
x-amz-id-2: rpyyLHVbHO98PxhjfrutiPidDw3ncI/bzCbA4gWjLWbSucBYqITKFLGbAWIPPNG3WdCEOsQnafw=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 13ms
13ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6e10bb7a283d08cfe768b2e2c84137092526009359bc23bcae4af7a1792a29c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 19:36:35 GMT
server: AmazonS3
x-amz-request-id: WD4EZS4Z9MT31WXN
etag: "26a31bfc1cd63522fe10e7fe901af7ea"
x-hw: 1645319667.cds001.fr8.hn,1645319667.cds002.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1639
x-amz-id-2: MeX6RBdaDMO9iujPYwpeS3KyUjbxvr44Hwud1aIWfUhRKa3mwE5ax8mnrumsgvbLVd6zkH9NUYU=

GET
H2 200 BrighteonWBA.js Show response
support.brighteon.com/Javascripts/ Frame 4CB0 117 KB
14 KB 36ms
36ms Script
application/javascript 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.brighteon.com/Javascripts/BrighteonWBA.js
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/runtime/main-5d6220b8ff0653e4acdd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 52c29db24b0d81253a2f8e93a9ac0a521692adde0201d25dc284de79a415f39a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Feb 2022 16:01:50 GMT
server: cloudflare
age: 1297
x-powered-by: ASP.NET
etag: W/"998c9824e23d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6e03e0d48a88374a-MXP

GET
DATA 200
OK truncated
/ Frame 580A 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.brighteon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 pubads_impl_2022021502.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2B93 360 KB
121 KB 12ms
11ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123418
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 02:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Feb 2023 00:00:53 GMT

GET
BLOB 200
OK 6ee3069b-c201-4338-a8f4-6f9e4df24712
https://www.brighteon.com/ Frame 580A 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.brighteon.com/6ee3069b-c201-4338-a8f4-6f9e4df24712
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf.m3u8 Show response
video.brighteon.com/file/Brighteon-staging/hls/ Frame 580A 401 B
442 B 447ms
394ms XHR
application/vnd.apple.mpegurl 2606:4700::6811:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.brighteon.com/file/Brighteon-staging/hls/61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf.m3u8
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0455a7341934193941b1d65f9022d986164d291a3be03863ae9faf3f502d3a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f119f038465431b41_d20191024_m190935_c002_v0001129_t0048
x-bz-content-sha1: unverified:2988db673277f5087d48b50154c6b561da6796cf
x-bz-file-name: hls/61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf.m3u8
x-bz-upload-timestamp: 1571944175000
last-modified: Sun, 20 Feb 2022 01:14:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.brighteon.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e03e0d51fef83a3-MXP

GET
BLOB 200
OK c3902b87-f734-4160-8c60-e6426b915f18
https://www.brighteon.com/ Frame 4CB0 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.brighteon.com/c3902b87-f734-4160-8c60-e6426b915f18
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 483e80b7-f94c-4e61-be1d-c52b99f45ab8.m3u8 Show response
video.brighteon.com/file/Brighteon-staging/hls/ Frame 4CB0 402 B
795 B 287ms
253ms XHR
application/vnd.apple.mpegurl 2606:4700::6811:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.brighteon.com/file/Brighteon-staging/hls/483e80b7-f94c-4e61-be1d-c52b99f45ab8.m3u8
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6806f5631d0ca1cbd8c039ee41a5a10cf12daab028592d37f77f1addfca797

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f1152026575d42f19_d20191023_m170053_c002_v0001129_t0026
x-bz-content-sha1: unverified:d293041db0bcec9500497677877feac22a5857ab
x-bz-file-name: hls/483e80b7-f94c-4e61-be1d-c52b99f45ab8.m3u8
x-bz-upload-timestamp: 1571850053000
last-modified: Sun, 20 Feb 2022 01:14:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.brighteon.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e03e0d51ff383a3-MXP

GET
BLOB 200
OK 480fff6d-d349-48f1-95dc-cda093e7cf3d
https://www.brighteon.com/ Frame 580A 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.brighteon.com/480fff6d-d349-48f1-95dc-cda093e7cf3d
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 084a90aade0f3c17f3db2d46c6780a950444854df68901839ac4779a5254ba16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 5436
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame 580A 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5721f71b8b6e2d1c931c7d168ce59e11b4014b200be4ddb637005da34ba2a672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK 5ccd980f-c85a-4177-9768-d2d9b5a78fcd
https://www.brighteon.com/ Frame 4CB0 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.brighteon.com/5ccd980f-c85a-4177-9768-d2d9b5a78fcd
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 084a90aade0f3c17f3db2d46c6780a950444854df68901839ac4779a5254ba16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 5436
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame 4CB0 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5721f71b8b6e2d1c931c7d168ce59e11b4014b200be4ddb637005da34ba2a672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 impression
trends.newsmaxwidget.com/event/ 0
0 110ms
39ms Fetch 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.newsmaxwidget.com/event/impression

Requested by

Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 893A 487 B
1 KB 45ms
45ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CED) /
Resource Hash: 4bb492c8ded6d8484f7244eacb7758441d16213c3606ad54df5f082df5596ce4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 833
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Feb 2022 01:14:28 GMT
Etag: "5ea5179b9bd2cade48ddf18dfe94f2db"
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CED)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2B93 107 B
122 B 46ms
25ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sgtreport.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2B93 107 B
122 B 43ms
23ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sgtreport.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2B93 19 KB
8 KB 231ms
231ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2285640823069249&correlator=3606280181729988&output=ldjh&impl=fifs&eid=31061814%2C31063377%2C31064151%2C31064987%2C31065014%2C31064537%2C31064868%2C44756431%2C44758228%2C31064019&vrg=2022021502&ptt=17&sc=1&sfv=1-0-38&ecs=20220220&iu_parts=21671350435%3A22674561963%2C300x250-10__sgtreport.com_.___default__300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie=ID%3Db37c2792741089ae-228be36647cd00a4%3AT%3D1645319667%3AS%3DALNI_MZLLAjFdYQmT2_B6zNWrZedl74_wg&cdm=www.sgtreport.com&bc=31&abxe=1&dt=1645319668115&lmt=1645319668&dlt=1645319667639&idt=459&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1103&adys=6647&adks=1294334928&ucis=nk4sw1pl6ay&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=2&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&top=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=498148452.1645319667&ga_sid=1645319668&ga_hid=1801137043&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e0930fda0f03717f2758dc4463f9860713d28b2aaac38b2d6a2adaa7b96f410e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8546
x-xss-protection: 0
google-lineitem-id: 4920373360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257052588
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2B93 13 KB
10 KB 88ms
51ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021502&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39599694b720f1d903d043ef5096968fdb835a789a0d72d70f20d106f514fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9992
x-xss-protection: 0

GET
H2 200 container.html
94c515aa140bb04ef17175ad694bda8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0FBA 6 KB
0 68ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94c515aa140bb04ef17175ad694bda8e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Feb 2022 01:14:28 GMT
expires: Mon, 20 Feb 2023 01:14:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 plyr.min.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame ACCF 34 KB
5 KB 122ms
52ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.min.css

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f90aeb95b1d3ed85741aa83d086e4503d7c5103c0bdf4f0d767e6898126dff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9688365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4565
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-11d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jWnr5uR4jUqTz4eOBGWPeGn7v9CzjY4cY0cmgHAumwgpbQullVLo7bWU2f08813%2FWkuX1RI9cBVQMDIv4iH0yYupUmpvkTOyDTRYmPljkg7oMgLi0w7b750CDmzUM%2Fnj134QXXABw%2Bft57zaPdr4KhQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658f5839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 embed.css
www.bitchute.com/static/v136/css/ Frame ACCF 2 KB
931 B 32ms
32ms Stylesheet
text/css 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v136/css/embed.css
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1390f94c88445a703f4d9023421bc6368f1265a8b53acad10c29e62b04c13b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/wfeJmkVoLbFg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3904
cf-polished: origSize=2280
last-modified: Mon, 31 Jan 2022 12:46:25 GMT
server: cloudflare
etag: W/"8e8-5d6e02c29e919-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SWcgWDfSRmQ7OCaOO0OoyB2jSg3U2FKP1e5a6s3mel4vR9bTFfA3lrukT3R5WwHGtRGZWPzui1yxqUrCVAJ3LZP4HTG3KD98g2O1O%2FSbKSzC4p%2FmRWKWiFGWtRup%2FnQtzk%2Bpx1UaJTMHuDjKfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e03e0d5dab33752-MXP
cf-bgj: minify

GET
H2 200 api.js Show response
www.bitchute.com/cdn-cgi/bm/cv/669835187/ Frame ACCF 35 KB
9 KB 47ms
45ms Script
text/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/wfeJmkVoLbFg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wv94jDErg%2Bg3jb5qdbffFeWmTqIDqFjPFF5OhXgZSZLMzlnqY55CHHsfr3geo%2BrVi89SXvAiWBsg%2BtqAnfxTS%2FHQ%2F39Wj%2FjrYyMIh1Z%2BKxJCTWs8%2FdWR9ah7SXvFm4jnPGK%2BXIj4ZE7%2FcCxb52E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6e03e0d63b0f3752-MXP

GET
H2 200 s8ZeDLTDDnpiKGmcyWzy7c0Q_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ Frame ACCF 44 KB
45 KB 242ms
127ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/s8ZeDLTDDnpiKGmcyWzy7c0Q_640x360.jpg

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

44e0a88582d67790424d5e04b1752bc37a9296179eaf14caf302e02844629cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
cdn-edgestorageid: 860
x-amz-request-id: tx00000000000002abc4ba8-0062105d9e-d1bfb72-nyc3a
cdn-cachedat: 02/19/2022 03:01:50
cdn-pullzone: 89010
content-length: 45184
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Sat, 19 Feb 2022 02:33:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 280f57f7b50608974e370912b5f1d494
accept-ranges: bytes
cdn-requestcountrycode: SE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame ACCF 95 KB
30 KB 126ms
111ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 191861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BJp02AryyTFI4ef4fnTln7OXCnxIonD9a1DBoDWtIgxb%2BaNcx00maA6HzR6fvAAPpLzG%2Feyul7kMXE4bqE8IjAR0d6U2YiTCvb7su8gueM%2FdLznCqM6kHdhGKz39OSaaDbX7oaZFR9830okfqxT63Da"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658f8839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 plyr.polyfilled.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame ACCF 142 KB
39 KB 72ms
57ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f190da7120996ee84acce8094248dfcfd785fb7ef0fd198c457ab66d27d00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2616313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39788
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-9b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGZITe9bjkZwzBTmdvr%2BrArp4JbC6pTUcoS5VVX4ji4BWgrxpocgrmBRZYBkkX9%2Fn16%2FefFBGMqdUjIG4bPd%2B0ARLBhEWdUhGTxfsWoiXyCU0wd2vnPsz78OiyBTqvV%2BNlRe97LXOr%2BSnRir%2F8zB%2B1hx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658f9839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 embed.js Show response
www.bitchute.com/static/v136/js/ Frame ACCF 160 B
422 B 59ms
57ms Script
application/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v136/js/embed.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcced6b6e339342e818f82c21b6b6c8ea8fcce9b944588031a2475882ddd7c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/wfeJmkVoLbFg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4452
cf-polished: origSize=262
last-modified: Mon, 31 Jan 2022 12:46:25 GMT
server: cloudflare
etag: W/"106-5d6e02c29c9d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhmuqyKQ%2BJuYL0Xey8FRDEE7YDiK4l86GZbfx1ewjiLOWSyTF3WHt8dDWuAMkn5oXX9xbV7%2F1XvWSS%2FK68aaaY79CDwBVnNYIZr%2BU5ZiLf1C%2FFBIn34NHCfcP%2BKxWyk6zEl127bkmEx03PKcyKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6e03e0d63b0e3752-MXP
cf-bgj: minify

GET
H2 200 plyr.min.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame ED0B 34 KB
5 KB 120ms
51ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.min.css

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f90aeb95b1d3ed85741aa83d086e4503d7c5103c0bdf4f0d767e6898126dff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9688365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4565
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-11d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXeE6mhkvdHEbXsnkYweydTP%2FsUxjWeE%2FDZfkbjqaOJpby16F7O5er6xF%2F13upvcvgRIrbHMOWKRkd%2FL5KLsKgbuiqpaP%2BOTKlTa1WRR%2BS%2B4KTgvInMY4MsmIFZGgto3462VT7pZXm3Vm6gAKcGc%2BOn2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658f6839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 embed.css
www.bitchute.com/static/v136/css/ Frame ED0B 2 KB
787 B 32ms
32ms Stylesheet
text/css 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v136/css/embed.css
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1390f94c88445a703f4d9023421bc6368f1265a8b53acad10c29e62b04c13b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/7KtixRT9tVfw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3904
cf-polished: origSize=2280
last-modified: Mon, 31 Jan 2022 12:46:25 GMT
server: cloudflare
etag: W/"8e8-5d6e02c29e919-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKsTW40ajCpq1USf2TFBLTYAWLsPRk3lwQO08UIiqHANwntvQZ5bXBs7W7hlvzbHvEVZS7IxqXx0aj7MPbGCaJyJYKaS31ptoYqsnqeWXeiakQ31cbQdecBNVIXCuVwXi4tioYyfiDKcR1DCdoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e03e0d5dab43752-MXP
cf-bgj: minify

GET
H2 200 api.js Show response
www.bitchute.com/cdn-cgi/bm/cv/669835187/ Frame ED0B 35 KB
9 KB 49ms
48ms Script
text/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/7KtixRT9tVfw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPebnTPG77sioGZ76ji17uNnc%2FQh1h31wQrstk%2B5%2BONfF4kKX3MigpS%2FUpRDLQqffP7xqgBmfFXuorN3uuh0xhpASWlkLeeDNErEd8D48JNOPQGAqtWBrjJCd4SwkQfOhDXXLt0kA%2BkmJm4925I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6e03e0d63b113752-MXP

GET
H2 200 7KtixRT9tVfw_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ Frame ED0B 43 KB
43 KB 278ms
163ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/7KtixRT9tVfw_640x360.jpg

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

a6ed81333c60dc92383080cee7cbac3a06bc6fed9e1a298b4822c6bed4684ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
cdn-edgestorageid: 756
age: 0
cdn-cachedat: 02/17/2022 05:17:58
cdn-pullzone: 89010
content-length: 43856
x-amz-request-id: tx000000000000007dc657a-00620dda85-d1a82d1-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Thu, 17 Feb 2022 05:04:27 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 4e7da397525f10130853cc2c22a6e0ed
accept-ranges: bytes
cdn-requestcountrycode: SE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame ED0B 95 KB
30 KB 120ms
106ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 191861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbNjMu1sltEwaWZ0unVW8uXyaw5%2BsHWmLaGHCFnf2e7GGDs7krremF6I3HO9wuH7GCWuvVcG4UalyakWrl41f9eHIEw9qOYLSCqkCEDC7OWAuk66ZOtNYZ1Cyzz5Boa3XmllTltaK8CDcy9UiL44EtSY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658fa839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 plyr.polyfilled.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame ED0B 142 KB
40 KB 125ms
111ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f190da7120996ee84acce8094248dfcfd785fb7ef0fd198c457ab66d27d00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2616313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39788
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-9b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfR0pLywODZX%2BfSp5VL9aAxLP8D%2B59RPddS87pcJqRoHqBeEo8sOdpGqb9%2FJTkzmLxUK%2F3OTN6CPnoEIP2T7DNEmfnngm7ut5N7Ztx9LVG9fiK0OxA5Jtmrsx2d2ccHLbnUvx6Fuw3a01zXckZKQqHEc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658fb839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 embed.js Show response
www.bitchute.com/static/v136/js/ Frame ED0B 160 B
609 B 57ms
57ms Script
application/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v136/js/embed.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcced6b6e339342e818f82c21b6b6c8ea8fcce9b944588031a2475882ddd7c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/7KtixRT9tVfw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4452
cf-polished: origSize=262
last-modified: Mon, 31 Jan 2022 12:46:25 GMT
server: cloudflare
etag: W/"106-5d6e02c29c9d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsfW%2BGx1SrCmgHZVFLcVMM7A9hAQbJCwbbw5E1YEMa5VJ2Z7wV5mTSNDjE%2FAYlV5sALTNv02QuHfhwJBIICGz5f6NtayCxHqzmHXeehx6Qsk56GlzZ6ig8cfwRz23SLlZyNzXScamdCA%2FbtT%2FYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6e03e0d63b103752-MXP
cf-bgj: minify

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 39ms
39ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 104ms
40ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Mon, 07 Feb 2022 19:21:52 GMT
etag: "1644261712"
x-hw: 1645319668.cds051.fr8.hn,1645319668.cds130.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4249
accept-ranges: bytes
content-length: 4298

GET
H2 200 moatad.js Show response
z.moatads.com/revcontentdisplay556968265165/ 299 KB
102 KB 194ms
78ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/revcontentdisplay556968265165/moatad.js
Requested by: Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 68814226308e00c710140755047d487d81f70919819df2726ed98ad5c3f45bdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:35:36 GMT
server: AmazonS3
x-amz-request-id: EGNQ1PFQWRV8R3S2
etag: "078754c5a0bbc8e20227e031f3641622"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=21678
accept-ranges: bytes
content-length: 103596
x-amz-id-2: SFRhJqRiKi3K2XrdSWKoUNO1YAOhhMe8Z96ujveuhU9TGNu2zM485+Ihm2sLgg2aLGexkatJy0I=

GET
H2 200 plyr.min.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame CCB7 34 KB
5 KB 90ms
49ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.min.css

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f90aeb95b1d3ed85741aa83d086e4503d7c5103c0bdf4f0d767e6898126dff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9688365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4565
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-11d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyUYcxOnmMQKHL61dIs%2B4rYYOzLxhvSbiA5OSi00GeQgQJCPeyOVT53Smi2ien3uC80T0Jq9CtNPJ0GhUcoNnid%2BB5eMzNc3J3fg2El8fFBW9n58Xs9sHx1QpmI4N5yUg2r%2FFw3FkRvqoAccDmqtKevt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658f7839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 embed.css
www.bitchute.com/static/v136/css/ Frame CCB7 2 KB
798 B 47ms
47ms Stylesheet
text/css 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v136/css/embed.css
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1390f94c88445a703f4d9023421bc6368f1265a8b53acad10c29e62b04c13b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/9XKVqMYUAydU/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3904
cf-polished: origSize=2280
last-modified: Mon, 31 Jan 2022 12:46:25 GMT
server: cloudflare
etag: W/"8e8-5d6e02c29e919-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vhr%2Ferqk0othipsfntV6zx5w9qXBlLHDro6O0ghOo%2BgVF8KF5xBA4Ftf%2FeK4zaX7HL8rmTN6te8hIxXBPCmdyMip%2FfNteGnuR%2Fm6KI0Y3PM%2Fz0JwtdNvYmxZLYewZLjTI%2FIVrF%2FVmiXGpjeIVpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e03e0d60ae03752-MXP
cf-bgj: minify

GET
H2 200 api.js Show response
www.bitchute.com/cdn-cgi/bm/cv/669835187/ Frame CCB7 35 KB
9 KB 53ms
53ms Script
text/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/9XKVqMYUAydU/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOVm6FxfWVTBK1HnBm7wzylT8QjEqWVl8wVFv4WWn8jl7rkqUm4YIgGdmPDdeKRMQYyEUTe%2BUnjQAMfWFN7bzWjFXb%2Fn9Q6tkhQxYv3PyvBaPsDe7jXYGQsLCiCGCwW6exM%2F%2FD6SzNoeO6h8qs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6e03e0d63b153752-MXP

GET
H2 200 9XKVqMYUAydU_640x360.jpg
static-3.bitchute.com/live/cover_images/nLPcg68RnP97/ Frame CCB7 45 KB
46 KB 274ms
163ms Image
image/jpeg 89.187.169.15
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/nLPcg68RnP97/9XKVqMYUAydU_640x360.jpg

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-632.bunnyinfra.net

Software

BunnyCDN-DE1-632 /

Resource Hash

86dd4bfbc12652e2d8490e072974c8eba755d51c3a1d02a0859ea19917ae5a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
cdn-edgestorageid: 860
x-amz-request-id: tx00000000000002a38ea8e-00620eefc6-d1bfb72-nyc3a
cdn-cachedat: 02/18/2022 01:00:55
cdn-pullzone: 89010
content-length: 46283
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-632
last-modified: Fri, 18 Feb 2022 00:49:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: 224c032bd64baba9044a20da471cf8e7
accept-ranges: bytes
cdn-requestcountrycode: SE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame CCB7 95 KB
30 KB 63ms
52ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 191861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fISlBc0N4ovFADd8k8GoG3szEIsvX1fUfPVEkxPfQvHhPcZ8%2FaqYJ80d1Wv9ej%2FsVhmnzHzPQgmnhS9fk1YMn5ly%2BWfL97IgyKBKlzqBXtt5HzMx296ok3gR63YeZwubBZqk%2BvlGfBoStlPMv8qemgRh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d658fc839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 plyr.polyfilled.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/ Frame CCB7 142 KB
39 KB 122ms
112ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f190da7120996ee84acce8094248dfcfd785fb7ef0fd198c457ab66d27d00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2616313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39788
timing-allow-origin: *
last-modified: Wed, 13 Oct 2021 13:03:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6166d91d-9b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heHDFDgQWgDAB48TFcUAA%2BS9brZljvtC22bhCOMnU%2F10n8rmuatiUQ3faKri1VGmL1HITph%2FRhIL2j4Z7EfEv1nUafzO%2BwJ3MO%2ByjNj%2FQ6pvQzw53AXxEBalF%2FdqGQqsaQelBjMu2w2rn7370lVqchHN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e03e0d69974839c-MXP
expires: Fri, 10 Feb 2023 01:14:28 GMT

GET
H2 200 embed.js Show response
www.bitchute.com/static/v136/js/ Frame CCB7 160 B
450 B 55ms
55ms Script
application/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v136/js/embed.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcced6b6e339342e818f82c21b6b6c8ea8fcce9b944588031a2475882ddd7c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/9XKVqMYUAydU/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4452
cf-polished: origSize=262
last-modified: Mon, 31 Jan 2022 12:46:25 GMT
server: cloudflare
etag: W/"106-5d6e02c29c9d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOYrmvSWyIw0xVSd1J6iqTcWg7bw2o1tuzNb5o82AjIeZxpgCvKSLas4Ip2qfWwgE4ShUwueAS0%2BFnLV1z7mZRjRp0mDYDz3Vfrgx1Hcib2bZ9NupnLB%2FfTf71RQ1h4pBnoeN6kc9jwjFMM%2FgBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6e03e0d63b143752-MXP
cf-bgj: minify

GET
H2 200 HR-Black-Cumin-Seed-Oil-LM.jpg
support.brighteon.com/ARF/ Frame 580A 20 KB
20 KB 52ms
52ms Image
image/jpeg 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.brighteon.com/ARF/HR-Black-Cumin-Seed-Oil-LM.jpg
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6f2bbaae1b76aca3c0c61df2740f894c224e7666a37fe3c9f8ec8f2530f9bc93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Nov 2020 15:33:06 GMT
server: cloudflare
age: 7184
x-powered-by: ASP.NET
etag: "85236fa0f6b1d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e03e0d61bca374a-MXP
content-length: 20752

GET
H2 200 HR-Black-Cumin-Seed-Oil-LLB.jpg
support.brighteon.com/ARF/ Frame 580A 43 KB
43 KB 48ms
47ms Image
image/jpeg 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.brighteon.com/ARF/HR-Black-Cumin-Seed-Oil-LLB.jpg
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ab6fc86dae4738e21d6959ac06fce52b7a38061a8ee36d877b03668489338962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Nov 2020 15:33:06 GMT
server: cloudflare
age: 7184
x-powered-by: ASP.NET
etag: "d547aa0f6b1d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e03e0d61bcb374a-MXP
content-length: 43978

GET
H2 200 GB-Detox-Foot-Pads-LM.jpg
support.brighteon.com/ARF/ Frame 4CB0 20 KB
20 KB 442ms
441ms Image
image/jpeg 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.brighteon.com/ARF/GB-Detox-Foot-Pads-LM.jpg
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 33bc78d49e3993b23f88b400358f82db81fbadb7f281958456284297965e2e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jan 2022 15:33:22 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "5c0ff9007d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e03e0d61bd1374a-MXP
content-length: 20319

GET
H2 200 GB-Detox-Foot-Pads-LLB.jpg
support.brighteon.com/ARF/ Frame 4CB0 44 KB
44 KB 304ms
304ms Image
image/jpeg 2606:4700::6811:a64e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.brighteon.com/ARF/GB-Detox-Foot-Pads-LLB.jpg
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a64e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c046dbae11e24af96e2b9474b73d66d939f4797d56f0fe047b6b0b3373d9d273

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jan 2022 15:33:22 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "5e55d9107d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e03e0d61bd3374a-MXP
content-length: 45313

OPTIONS
H2 204 yeet
yeet.revcontent.com/ Frame 0
0 470ms
121ms Preflight 34.202.18.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.18.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-18-77.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: *
access-control-max-age: 43200

OPTIONS
H2 204 yeet
yeet.revcontent.com/ Frame 0
0 468ms
120ms Preflight 34.202.18.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.18.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-18-77.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: *
access-control-max-age: 43200

POST
H2 204 yeet
yeet.revcontent.com/ 0
0 112ms
111ms Fetch 34.202.18.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.18.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-18-77.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:28 GMT

POST
H2 204 yeet
yeet.revcontent.com/ 0
0 114ms
110ms Fetch 34.202.18.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet
Requested by: Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.18.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-18-77.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:28 GMT

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame EB33 368 KB
109 KB 63ms
63ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=ajaqdoabmxf&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS7Qh4LAAzRNc%2FlJNjs68ltpvjnbBEbax7ycqF267Fo6nFR55BQg%2BNbEdFodJd6YTGI7H86B5YwhiRg4lYrN%2F8UGUuUUdRqcDYbwAc8jXYl4kxksEmtWD50%2FxsTMKD%2FZrADoTCjNAPsBKs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d638f5d610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 4786 368 KB
109 KB 73ms
72ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=qgldyytp&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6u2%2BLBwkU%2F%2BGKlMeWQgLQAkb%2F8gRZYUqPMSpW%2FGnvEPZctHjWn1db8nsVS9LwG%2FHN2Fx%2Buz%2FatxteoO7NvX9rJhk92h9JIe84oM6VC5x9cFn3IqncpfR8lPIuhkbkjefKqqf3ewk%2Ful8U0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d64904d610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 75B9 368 KB
109 KB 105ms
104ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=zfnjshxzl&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEjmzLnOv9lCCNGbs2E8ZvZf8hrMkBtidFWG2DJEkSB7ccNZ7tXCl3K6TC00Qw41%2Flxjlg15I4VnFCX%2FZSYLNNhsilQbn46apyBYvMpK4UkmlWE3Rs2D7KFqkEWdj13SgNvjkxf5PdmARe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d65911d610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 8C7A 368 KB
109 KB 96ms
96ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=itvuazad&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1ckUbyDMzkOfFJrZyJJrmZtc8kCOQTmVplrwk9arKiLxTNEPmnjWG3QoWvF10oCW5Yv5%2BV2OX4u3G8xT0W%2FqFwc2VkoeqUCYCsgjJOAsBQSMPUhiDkaXTT4a%2F0Xgt4THiz9lcgRUHyGbdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d6691dd610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 0CE3 368 KB
109 KB 90ms
90ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=xbfojoa&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dhKtk1wBtTVIdbDblRhl9jYwXayxBr3OD279zkXICI2fBqIxkELwNOPiSuMGm1jAz0jml65zfQytW9II7XiYUZjD6lkGbLDympRmo3NeyZ1BeAXzFKQxorRgF7aOCtmGGNnoDeTDo8%2ByhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d67924d610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 25AB 368 KB
109 KB 86ms
85ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=dsrziibjt&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ett450e%2BlRC0INeiNfmbpg3j0KSkJGudZkaIRDiY0Qt%2BB05gpNw2C5%2FFuRnc3GhsLbu2M%2BnkdnekPGmOqut4Aqk58D8TsZI6%2FeNfoB9Yc8m0Giw1q4XO8WX6wRC8y3GAOuqnLG5zC%2BcGPcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d6792dd610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 219E 368 KB
109 KB 81ms
81ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=eunjajs&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00jS0HukPOE77s2X2QvNiD7%2B0VVnYfaMEjDRFRCOZpirZMURJMjYKb9961CqzHvkQ%2B4O69dQbjlfnV1%2BVM9ai0JSUhW3oWndhkHYPi5jQPyscszyTeLvr9fL96E%2Buwu53sdfHzZcM1oq9yA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d68934d610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame D9BD 368 KB
109 KB 76ms
75ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=lmsaqvyf&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKqiyGKLwU%2BRvlvdN8%2B3nckp6qsRTwT2pZy0WWPMPxzMLnuDxd%2FQCBBOAcUxM5k8gKXv78eMfDFVHVkdK8k0Yp3yzniPvr%2BGJ892GYkBRyfGtAQ9hB3Xz9tW0XCHAzMvbZfnhzDoeK9v0Yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d6893dd610-MXP

OPTIONS
H2 204 yeet
yeet.revcontent.com/ Frame 0
0 360ms
122ms Preflight 34.202.18.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.18.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-18-77.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sgtreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: *
access-control-max-age: 43200

POST
H2 204 yeet
yeet.revcontent.com/ 0
0 111ms
110ms Fetch 34.202.18.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.18.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-18-77.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:28 GMT

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 4084 368 KB
109 KB 99ms
99ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=mgblvigba&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ltx%2B36Svl94pV7ab2K7q4m7hmAvK6gyZLJyz%2BTd7l%2Ffuc4vOGJDarCwuBl%2F8KvANoymBCD4spbWpkIpaQVIzvingZjDeio0Os%2FY9gdykME48tSkuasCWCokGQMGTZc9%2BwTBrXGtknwffMpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d6d95dd610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame 07EB 368 KB
109 KB 104ms
103ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=drqex&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9r2CKXU4aOm3zkPrVrOQSD%2FtQ9n7BKP%2FcV2ZipKTQbNGObHuL8DfquAd7xx9%2BdVHZPHrDtfj6L4Fl%2BsTPR8eXMPP3johj4nKk%2FS%2B3e8%2BUFO9tXzcyJVkWefEw6dt2s1RYWQLc7hNzOlbEzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d6e963d610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame DBAB 368 KB
109 KB 108ms
106ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=hhgkapmva&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0lxXtjoGRagg29i%2F7Nkdh6Rmgk4vOKyiX4qD7WHJPX%2FfTESTTHppNvqtbigO74imqv%2FGUl1N2BEqvXR%2F5rIVB2AgMOChCGLMNK8JvqR7q949wmnvFHrH9y6k2xDPPGHaG2XRaGbzHrgbfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d6f968d610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame F0DA 368 KB
109 KB 101ms
100ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=fdnhadlr&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrPh6%2BUn6QOq6u1oLn76d4frTm1PEGmqgMPBz%2B4TIW90vyZgiLMcfiD9B1gWG69RBd0%2FBMVu%2BmLXhOZZg3d48G5MzHAwpgyFiezUfEGrlkVnh9mWQFBcW0B7n8dALFnKjcaB9%2Fp2m8Cmgz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d7096ad610-MXP

GET
H2 200 prebid_v4_38.js Show response
hb.adpone.com/ Frame DF1B 368 KB
109 KB 102ms
102ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid_v4_38.js
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=doqzlmjfh&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3881
x-amz-request-id: K70PT9GK55VG5CJT
x-amz-id-2: zJwo93esFCFCtCgJhfENE1a0SuCv3OTp6PUHQlko1tpxFh60H4tq+rdSjPsmd8aid3H/LUxDleI=
last-modified: Thu, 06 May 2021 15:08:19 GMT
server: cloudflare
etag: W/"7b65367c2b7d17ba775fd50c2af1cb3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcKopLK8tfS3bpowlwihVeXVDAjHO70LomLv0ERdhuphoa5UOnK4trWQS8xy7xeX5W%2FyxxlYL6UOBuPmHQ%2BHG1ha1Lrd5OXX4nuLfLvCHgoKz%2Faxef7fWP2cNoWW2omT8lJTXo7VcvqXKKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: NFoDUqG2AoPI5mkmow9ikGD2x.8e.Nyt
cf-ray: 6e03e0d7096ed610-MXP

GET
H2 200 61dd286111f3f8-26016541.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 6 KB
6 KB 306ms
32ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/61dd286111f3f8-26016541.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4f0c8988f237d3f04725d272730489e6447349663a84b939673af3c89cafa5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=178;cpu=1;start=2022-02-19T08:39:14.527Z;desc=miss,rtt;dur=0,cloudinary;dur=84;start=2022-02-19T08:39:14.577Z
content-length: 5874
last-modified: Thu, 13 Jan 2022 08:55:01 GMT
server: Cloudinary
etag: "82163d0cb268aa3084e9d447d4986f20"
vary: Save-Data
x-hw: 1645319668.cds165.fr8.hn,1645319668.cds250.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 61de43b704d3b0-07876925.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 7 KB
7 KB 308ms
40ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/61de43b704d3b0-07876925.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5b132f264eb2085089de42efb8195060d66a227e23b4fa6c36cbed97fddd7db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=181;cpu=1;start=2022-01-31T18:45:04.832Z;desc=miss,rtt;dur=0,cloudinary;dur=89;start=2022-01-31T18:45:04.878Z
content-length: 7099
last-modified: Fri, 14 Jan 2022 16:54:01 GMT
server: Cloudinary
etag: "c65d76668c34756a241e8f911ecd25e7"
vary: Save-Data
x-hw: 1645319668.cds165.fr8.hn,1645319668.cds218.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 61dce8930dc1b2-60680381.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 3 KB
3 KB 315ms
50ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/61dce8930dc1b2-60680381.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bc0c4af3d6b8125b7da52037f168c2e8850455784e22cd4bb610b53edd79d8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2022-01-12T09:08:43.597Z;desc=hit,rtt;dur=0
content-length: 3029
x-request-id: ca7c8915600b9bae9ffaf38d5a6ac303
last-modified: Wed, 12 Jan 2022 07:03:20 GMT
server: Cloudinary
etag: "6b937d5ee5bf6d1f356f2654b5d58a8d"
vary: Save-Data
x-hw: 1645319668.cds165.fr8.hn,1645319668.cds108.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 61de319d63b2d5-36042805.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 9 KB
9 KB 314ms
50ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/61de319d63b2d5-36042805.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ddc157a31bdb1da20d944525c69d156e9736f389ebb2ad98a272e1d8a124dfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=309;cpu=1;start=2022-02-10T11:58:50.547Z;desc=miss,rtt;dur=0,cloudinary;dur=43;start=2022-02-10T11:58:50.768Z
content-length: 9128
last-modified: Wed, 09 Feb 2022 08:15:39 GMT
server: Cloudinary
etag: "0909433d0f7b88b969f5e33d18300d65"
vary: Save-Data
x-hw: 1645319668.cds165.fr8.hn,1645319668.cds275.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2B93 17 KB
7 KB 205ms
70ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:14:28 GMT

GET
H2 200 f696c4e0d8939524ecbe042458a738b2.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 3 KB
3 KB 270ms
49ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/f696c4e0d8939524ecbe042458a738b2.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

106f488d10b1b8803b112b54b9689352dd017c267dc242c0ebb9e01f61fd961f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=311;cpu=0;start=2021-11-11T17:43:52.438Z;desc=miss,rtt;dur=0,cloudinary;dur=220;start=2021-11-11T17:43:52.478Z,cld-id;desc=45b18c3ca77f8ac42e880198780bc829
content-length: 2605
x-request-id: 45b18c3ca77f8ac42e880198780bc829
last-modified: Mon, 04 Oct 2021 15:36:40 GMT
server: Cloudinary
etag: "3c37c04437e69c7644b0eb37cffa54bd"
vary: Save-Data
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds130.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cd7a4e1d502318917abdff0b64891004.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 3 KB
3 KB 265ms
50ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/cd7a4e1d502318917abdff0b64891004.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e014b0de4181588c8b41d9365279b9595c075f1867bc6d0fdd3df1e5b0c450c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cache-tag: 289116265793513289692241169005474135047,285317283454720172637650981298931656811,578c3b63e33b327d463a78e9f3c3e28a
server-timing: fastly;dur=2;cpu=1;start=2021-12-06T18:48:38.929Z;desc=hit,rtt;dur=0
content-length: 2866
x-request-id: d5cd7f79e4dbabb764113ca359110a4a
last-modified: Mon, 06 Dec 2021 18:04:50 GMT
server: Cloudinary
etag: "96c54463e03c12b4a97d97693b0d0a46"
vary: Save-Data
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds122.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 354875dacaa6fa28430cce054c1e8971.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 3 KB
3 KB 269ms
54ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/354875dacaa6fa28430cce054c1e8971.jpeg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

64d77f716023e0e9d43e7709e3d47a3031685209da1f096474e2a2d525e22012

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=257;cpu=0;start=2022-02-10T12:15:48.826Z;desc=miss,rtt;dur=0,cloudinary;dur=164;start=2022-02-10T12:15:48.872Z
content-length: 2833
last-modified: Wed, 08 Dec 2021 02:03:00 GMT
server: Cloudinary
etag: "6c398549664e6169e95101be565c3f6d"
vary: Save-Data
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds280.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6179e9cb646af8-66310518.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 3 KB
3 KB 266ms
52ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6179e9cb646af8-66310518.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b967814a2d7a9df60a14c51834e77e18668ee8fa94bb0d6e5fd0ee96448780a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=2;cpu=1;start=2021-12-08T18:27:16.263Z;desc=hit,rtt;dur=0
content-length: 3321
x-request-id: c108b8de2bb9837c5a78abcb0ef4954b
last-modified: Thu, 28 Oct 2021 12:08:30 GMT
server: Cloudinary
etag: "e7029afa278c51e3f0e6f1d4df587010"
vary: Save-Data
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds279.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15640404341084736444.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 3 KB
3 KB 118ms
54ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15640404341084736444.png

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d5219f1eb6dfa189dcaca9cd7fe84ba81e6b60303d61b0a231b7a982b37f2839

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=2;cpu=1;start=2022-02-02T23:18:31.148Z;desc=hit,rtt;dur=0
content-length: 2891
last-modified: Fri, 12 Nov 2021 21:41:00 GMT
server: Cloudinary
etag: "be17e56b71a396b56b1ec66bd52321b4"
vary: Save-Data
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds268.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a10ce685ad71cde61e7992907f95e4ae.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 3 KB
3 KB 72ms
60ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_94,w_125,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/a10ce685ad71cde61e7992907f95e4ae.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3d622d612bf87f99b956718128a940daccde3b6e8a39609341cc7fc8dbea4db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=514;cpu=0;start=2021-11-11T17:43:30.660Z;desc=miss,rtt;dur=0,cloudinary;dur=421;start=2021-11-11T17:43:30.704Z,cld-id;desc=80bb4bb85c2fc7a0504ae9ce02edea9d
content-length: 3102
x-request-id: 80bb4bb85c2fc7a0504ae9ce02edea9d
last-modified: Mon, 27 Sep 2021 17:12:44 GMT
server: Cloudinary
etag: "82226fdba4dd1b7bc5f512a82eb48fb5"
vary: Save-Data
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds289.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15271120062018314638.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 7 KB
7 KB 61ms
59ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/15271120062018314638.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5d5842dc9639afb56fbbdf76a73c3432dc52d10687d807cbe25ddcd49e7a251c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=322;cpu=0;start=2021-11-11T17:39:19.739Z;desc=miss,rtt;dur=0,cloudinary;dur=230;start=2021-11-11T17:39:19.783Z,cld-id;desc=3730cce1c73a9df1459a961731ffa9eb
content-length: 6690
x-request-id: 3730cce1c73a9df1459a961731ffa9eb
last-modified: Mon, 12 Oct 2020 18:14:08 GMT
server: Cloudinary
etag: "b4208454a0930ee44c665556ff463182"
vary: Save-Data
x-hw: 1645319668.cds165.fr8.hn,1645319668.cds127.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 483e80b7-f94c-4e61-be1d-c52b99f45ab8_270.m3u8 Show response
video.brighteon.com/file/Brighteon-staging/hls/ Frame 4CB0 44 KB
5 KB 257ms
257ms XHR
application/vnd.apple.mpegurl 2606:4700::6811:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.brighteon.com/file/Brighteon-staging/hls/483e80b7-f94c-4e61-be1d-c52b99f45ab8_270.m3u8
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7e4510dcb38f09724ca8f83149e86380a49547ce1cac436dbc42c5084d3adb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f1003977afa59cdfa_d20191023_m170059_c002_v0001127_t0005
x-bz-content-sha1: unverified:4d305c33d727791b48bbddbfe2d1ce693e062fe8
x-bz-file-name: hls/483e80b7-f94c-4e61-be1d-c52b99f45ab8_270.m3u8
x-bz-upload-timestamp: 1571850059000
last-modified: Sun, 20 Feb 2022 01:14:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.brighteon.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e03e0d77af483a3-MXP

GET
H/1.1 200
OK embed.runtime.5c0ce4294115824be9df.js Show response
platform.twitter.com/embed/ Frame 893A 10 KB
5 KB 93ms
92ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF4) /
Resource Hash: 50eeef5ff2a14eb9e3a2b73c71fb979b305bde79c0188a7c2eda91cfd460c4d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 4452
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CF4)
Etag: "49881e1c89eaa61a09872b206ad15066+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.modules.eba5affb81872f47ca2d.js Show response
platform.twitter.com/embed/ Frame 893A 520 KB
166 KB 175ms
80ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.eba5affb81872f47ca2d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE9) /
Resource Hash: 1065275418c8a6f65c4bf7d6404b7754154d0cda31e9219618d985e95f1bb8ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 169240
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CE9)
Etag: "2770cee84b04f14e89696c885f2e316b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.i18n.af5dcec662979be25e3f.js Show response
platform.twitter.com/embed/ Frame 893A 2 KB
1 KB 294ms
58ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.af5dcec662979be25e3f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 0c590833c3efc6b446f99216bab1bf86915f31bc42f523819d3516d5af16d93f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 794
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CE7)
Etag: "892af46a16830e93daf8866448d2bcec+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.488fc64efa87ae14897b.js Show response
platform.twitter.com/embed/ Frame 893A 15 KB
6 KB 293ms
59ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.488fc64efa87ae14897b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF8) /
Resource Hash: ec48adc0eb52a39b29e72352928e5b96942815fb441b13cf146fd22449b0a657

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 5557
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CF8)
Etag: "ccfa2ce4dbdde65609f623dcee304d74+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 61de43b704d3b0-07876925.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
9 KB 36ms
34ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61de43b704d3b0-07876925.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

53e9c55fe5f41157dbad4bbe10102027c3ffefac20698f2acdc9bdb554aaed59

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jan 2022 07:13:25 GMT
server: Cloudinary
etag: "cce0d2c6fd469c87be2002304a9716c3"
strict-transport-security: max-age=604800
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds141.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=229;cpu=0;start=2022-01-13T07:15:26.929Z;desc=miss,rtt;dur=0,cloudinary;dur=126;start=2022-01-13T07:15:26.983Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 8516

GET
H2 200 61dce8afbed679-54152602.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 36ms
34ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61dce8afbed679-54152602.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8127f77395ea22632cc347769b2039e986290e61e60be6d6646c287b3f948a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=431;cpu=0;start=2022-01-12T07:03:56.179Z;desc=miss,rtt;dur=0,cloudinary;dur=326;start=2022-01-12T07:03:56.230Z,cld-id;desc=e6f64fd5fbbf39c1b14d1ea604486f6d
content-length: 7300
x-request-id: e6f64fd5fbbf39c1b14d1ea604486f6d
last-modified: Tue, 11 Jan 2022 17:13:19 GMT
server: Cloudinary
etag: "b8949b7f02c87ee8ab29015a44dfe392"
strict-transport-security: max-age=604800
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds203.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 61dd286111f3f8-26016541.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 55ms
53ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61dd286111f3f8-26016541.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

097dc43e7297a50b464d4ecca90ce3b316d3f83b08ffa3c15c7fd10e12626c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Jan 2022 09:15:11 GMT
server: Cloudinary
etag: "3618119ed316a65a2c738462f6821526"
strict-transport-security: max-age=604800
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds120.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=153;cpu=0;start=2022-02-19T08:14:56.055Z;desc=miss,rtt;dur=0,cloudinary;dur=63;start=2022-02-19T08:14:56.100Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 8822

GET
H2 200 61de319d63b2d5-36042805.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 55ms
53ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61de319d63b2d5-36042805.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

550e56d3d1dda39b665b2d9f5f5a0baf52e4a0d6fddd58df93f9e4bb3bd57a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=574;cpu=0;start=2022-02-09T07:51:14.411Z;desc=miss,rtt;dur=0,cloudinary;dur=481;start=2022-02-09T07:51:14.458Z,cld-id;desc=0b8f1b7ab9eaa1225d869e2c7bea7723
content-length: 8919
x-request-id: 0b8f1b7ab9eaa1225d869e2c7bea7723
last-modified: Wed, 12 Jan 2022 16:48:15 GMT
server: Cloudinary
etag: "23b1ab9b55cbb5a14d125027b456f73b"
strict-transport-security: max-age=604800
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds160.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6124007873d918-45862048.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 16 KB
17 KB 68ms
66ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6124007873d918-45862048.png

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5c5fc410302a7a12d002eaf4eccd0f449d14d2762b285e40bd77aeb9284ca200

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:42 GMT
server: Cloudinary
etag: "80d9318509291eef11fb68d09975dc36"
strict-transport-security: max-age=604800
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds264.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2021-11-11T17:41:48.049Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 16840

GET
H2 200 613f333bc3e010-26406824.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 6 KB
6 KB 74ms
73ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/613f333bc3e010-26406824.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

43cad54fa49cd302457202e6a49424c81b83f5dd42b90d2a3fd011ee4cbc7e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:12 GMT
server: Cloudinary
etag: "6203df3590add85bc3d0a024cedfd9cc"
strict-transport-security: max-age=604800
x-hw: 1645319668.cds278.fr8.hn,1645319668.cds241.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=263;cpu=1;start=2021-11-11T17:39:19.457Z;desc=miss,rtt;dur=0,cloudinary;dur=168;start=2021-11-11T17:39:19.504Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 5934

GET
H2 206 6615525.mp4
media.newsmaxwidget.com/cr_videos/153933/ 712 KB
713 KB 98ms
21ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.newsmaxwidget.com/cr_videos/153933/6615525.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84d52a6ea786ff9e126ab92ed7da47b2d5c4d2e95e2f223e3cf92c6d4d987909

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Wed, 12 Jan 2022 03:02:10 GMT
server: AmazonS3
x-amz-request-id: 5NKG3935J43N865Z
etag: "f07814a015edff0dfd276c25cc070ee7"
x-hw: 1645319668.cds217.fr8.hn,1645319668.cds007.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-729263/729264
cache-control: max-age=3600
x-amz-version-id: uqBNmd3ooF6_I0_K76XRuW7iLGIGaxOp
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 729264
x-amz-id-2: N7/eFcwlokre6ZlSVWglRcqiKVke3RAJNLEzKnKqAWc4j0RAXL6kNebI8RaY+YCmF8SmJkyhS3k=

GET
H2 206 6615617.mp4
media.newsmaxwidget.com/cr_videos/153893/ 712 KB
713 KB 146ms
69ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.newsmaxwidget.com/cr_videos/153893/6615617.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84d52a6ea786ff9e126ab92ed7da47b2d5c4d2e95e2f223e3cf92c6d4d987909

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Wed, 12 Jan 2022 04:02:42 GMT
server: AmazonS3
x-amz-request-id: E01PJDHNFT02E74C
etag: "f07814a015edff0dfd276c25cc070ee7"
x-hw: 1645319668.cds217.fr8.hn,1645319668.cds283.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-729263/729264
cache-control: max-age=3600
x-amz-version-id: 0VCnh1nUizoj3Y1MCFL_32wSIcxc0o68
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 729264
x-amz-id-2: qqPxG3S3NL4qfTKlKTvG6ig0jmuX2KSnxUYisqIMcG7QbHYu2CDlBJsTqaw4uvQoeqLsaFlTdm8=

GET
H2 206 6609555.mp4
media.newsmaxwidget.com/cr_videos/154989/ 367 KB
367 KB 142ms
69ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.newsmaxwidget.com/cr_videos/154989/6609555.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 456033ad65125f7d688bc3dd3dfb2fc7c55d51b2cede0fd2fca1e87643da6e8e

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Tue, 11 Jan 2022 03:02:40 GMT
server: AmazonS3
x-amz-request-id: NQ2WDNXHQC0PHZNM
etag: "92e10fbabc612d3def7fac115691dc4c"
x-hw: 1645319668.cds217.fr8.hn,1645319668.cds167.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-375547/375548
cache-control: max-age=3600
x-amz-version-id: viHDukaFdqW11IXCGNDSzrIjZkhNvEMW
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 375548
x-amz-id-2: w+FdL2JpafIaFgaLTBBq4/q6sxftdcgoWGisOi+U8dVj0znrqqZvFnLD83k4UYIDlyx2qyVcuCQ=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1836 0
0 102ms
102ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssUwo9obN0FyMj1kKwtpTlgWL_sioY-vAM2jHoeO75B8EkuQA42EDy_QOPOzJiqgielSqQco5l4mOexJRJKF6kRBWFtxtBkXLokzXr3FlTOfjOVguHdQGVh-w3RdzJ3monZ27DV-x0W7W-0_DfPzWKiBZk5o2VOst7OAHgRj8HCvwJBXfCM-_K_nMhD7cd9St0qa0uP_BTgzzsQFNR8-qlRoI2b8oxEr_C4AsmQxHyxbg23euBeGfGlIGxAqefjH_Cme2jx3vUzbBEinEOQET25rmW7ZVlx2tD_EbpQ5xRO_iwtkSU_aDa0H69iYOobrEVUmbzRUUYatWUyDpieBqL-6GfmkGuElFHft3sKXbULKw&sig=Cg0ArKJSzEs6lxnxxZWREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1836 124 KB
38 KB 138ms
69ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:14:28 GMT

GET
H/1.1 200
OK adidas_300x250.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame 1836 26 KB
26 KB 295ms
54ms Image
image/jpeg 52.218.57.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.57.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Sun, 23 Sep 2018 17:44:28 GMT
Server: AmazonS3
x-amz-request-id: EDKMWDZNAZ8303TZ
ETag: "702b3e474e01427f8af949cf0c7fbd69"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 26619
x-amz-id-2: iTe4h+HvVBg5Yixc2OXIJ7cMGLZvZZQUymdsPtnn+FRB8NfMMhZA1pDssMH3Efmc6I5tSbWWUjs=

GET
H2 206 5204815.mp4
media.newsmaxwidget.com/cr_videos/153898/ 836 KB
837 KB 140ms
70ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.newsmaxwidget.com/cr_videos/153898/5204815.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 111acce7e0971a1760352091f173318ca13567d1f8fa27d14fa1dd86a91b487b

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Wed, 12 Jan 2022 02:01:21 GMT
server: AmazonS3
x-amz-request-id: Z1MZ7HB4KQWRKW14
etag: "b63007b734bdf964c4b06aa7145db6a4"
x-hw: 1645319668.cds217.fr8.hn,1645319668.cds127.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-856337/856338
cache-control: max-age=3600
x-amz-version-id: sBFCIQfEk0elspK5ZKDyG0.VLxlB5CoE
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 856338
x-amz-id-2: v2Mq4fGMACfXL6ta3yXcCXYC5Vxqir6XcRh4orDZj+Bhx2I+tuA10rY77tdbt+p43QNNpICEdjA=

GET
H2 200 61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf_270.m3u8 Show response
video.brighteon.com/file/Brighteon-staging/hls/ Frame 580A 9 KB
1 KB 256ms
255ms XHR
application/vnd.apple.mpegurl 2606:4700::6811:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.brighteon.com/file/Brighteon-staging/hls/61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf_270.m3u8
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2436a5ae402fe5a0148a672a0e8737499d14a15007ce6a82fce1f9cefd5e8d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.brighteon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f115481fc826c972d_d20191024_m190921_c002_v0001112_t0021
x-bz-content-sha1: unverified:6e1a9ceb57e82bd7cd897ac55486e5de9a5074fa
x-bz-file-name: hls/61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf_270.m3u8
x-bz-upload-timestamp: 1571944161000
last-modified: Sun, 20 Feb 2022 01:14:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.brighteon.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e03e0d7fbae83a3-MXP

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 81ms
80ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 81ms
80ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
DATA 200
OK truncated
/ Frame ACCF 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ACCF 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 6615617.mp4
media.revcontent.com/cr_videos/153893/ 712 KB
713 KB 92ms
15ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.revcontent.com/cr_videos/153893/6615617.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84d52a6ea786ff9e126ab92ed7da47b2d5c4d2e95e2f223e3cf92c6d4d987909

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Wed, 12 Jan 2022 04:02:42 GMT
server: AmazonS3
x-amz-request-id: F1MMP2JJGFXQ0TTA
etag: "f07814a015edff0dfd276c25cc070ee7"
x-hw: 1645319668.cds253.fr8.hn,1645319668.cds248.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-729263/729264
cache-control: max-age=3600
x-amz-version-id: 0VCnh1nUizoj3Y1MCFL_32wSIcxc0o68
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 729264
x-amz-id-2: FcAtV6t0ajFHdS01CiCbw86ZyQpw6QCswNMlsNkmqqDE9pi/oSLlebKxyZq1B4Sr2JuS6TEun1Q=

GET
H2 206 6609556.mp4
media.revcontent.com/cr_videos/154989/ 367 KB
367 KB 164ms
94ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.revcontent.com/cr_videos/154989/6609556.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 456033ad65125f7d688bc3dd3dfb2fc7c55d51b2cede0fd2fca1e87643da6e8e

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Tue, 11 Jan 2022 03:02:41 GMT
server: AmazonS3
x-amz-request-id: GGQP021MX115Q1S9
etag: "92e10fbabc612d3def7fac115691dc4c"
x-hw: 1645319668.cds253.fr8.hn,1645319668.cds101.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-375547/375548
cache-control: max-age=3600
x-amz-version-id: nO_nPnuQAbQNrIwuUbBz_X8ZiSEOa3dG
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 375548
x-amz-id-2: L4LDIXzOCn4YnRMg0mL0gyDwRlo+e/Sz0uclgKEeCWXSDVZV3OSPg7ZNHLgT3teTXp/pSLBgIfQ=

GET
H2 206 6615525.mp4
media.revcontent.com/cr_videos/153933/ 712 KB
713 KB 181ms
116ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.revcontent.com/cr_videos/153933/6615525.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84d52a6ea786ff9e126ab92ed7da47b2d5c4d2e95e2f223e3cf92c6d4d987909

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Wed, 12 Jan 2022 03:02:10 GMT
server: AmazonS3
x-amz-request-id: 8GWG21YTKV7X0ZNG
etag: "f07814a015edff0dfd276c25cc070ee7"
x-hw: 1645319668.cds253.fr8.hn,1645319668.cds252.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-729263/729264
cache-control: max-age=3600
x-amz-version-id: uqBNmd3ooF6_I0_K76XRuW7iLGIGaxOp
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 729264
x-amz-id-2: g0XxH8IenWN0RJmMAE/Wz98toXikSOMGJZEwDZfsRyPme2jCvFnUP6a1J5CVxeUqLINxFZPWw5M=

GET
H2 206 5204815.mp4
media.revcontent.com/cr_videos/153898/ 836 KB
837 KB 171ms
116ms Media
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://media.revcontent.com/cr_videos/153898/5204815.mp4
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 111acce7e0971a1760352091f173318ca13567d1f8fa27d14fa1dd86a91b487b

Request headers

Referer: https://www.sgtreport.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Wed, 12 Jan 2022 02:01:21 GMT
server: AmazonS3
x-amz-request-id: X4N2BNVNS7WEABGN
etag: "b63007b734bdf964c4b06aa7145db6a4"
x-hw: 1645319668.cds253.fr8.hn,1645319668.cds201.fr8.c
content-type: application/octet-stream
Content-Range: bytes 0-856337/856338
cache-control: max-age=3600
x-amz-version-id: sBFCIQfEk0elspK5ZKDyG0.VLxlB5CoE
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 856338
x-amz-id-2: qa1fPEsK3L4KSW7NWZTlRfJHNQQHeil7xK6sClxLNwJB5G4nBMvlakAqUH72s+y8YAr+elE1YaA=

GET
H/1.1 206
Partial Content 9XKVqMYUAydU.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame CCB7 79 KB
0 631ms
275ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/9XKVqMYUAydU.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-25889875/25889876
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 25889876

GET
H/1.1 206
Partial Content 7KtixRT9tVfw.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame ED0B 79 KB
0 1596ms
1241ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/7KtixRT9tVfw.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-48242808/48242809
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 48242809

GET
H/1.1 206
Partial Content wfeJmkVoLbFg.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame ACCF 79 KB
0 2604ms
2247ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/wfeJmkVoLbFg.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 20 Feb 2022 01:14:30 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-70539007/70539008
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 70539008

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame EB33 2 B
907 B 376ms
193ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame EB33 73 B
145 B 168ms
44ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=4df8a338-df85-4218-8c9d-5c883b062183&nocache=1645319668524&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668181&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 42f6e692496470287d379174c331cebaa822f4369de66c4bbc9b7657b951b9ef

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EB33 171 B
553 B 278ms
103ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EB33 12 KB
6 KB 196ms
81ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d6c1006c343168ba2a5b3ebe368b490e7fd9158265a264bcfb41f272a8b32b9e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b0d04232-594f-4be4-964a-6f704bc98193
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame EB33 5 B
482 B 193ms
74ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD00ZGY4YTMzOC1kZjg1LTQyMTgtOGM5ZC01Yzg4M2IwNjIxODM%3D&pt=gross&stid=e8ccea5f-3644-42a8-953c-7dfe8014463f&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EB33 0
212 B 167ms
35ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=44481050500

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EB33 284 B
1 KB 161ms
32ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=4df8a338-df85-4218-8c9d-5c883b062183&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8233092377681464
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3464d676537a0f1d5d3861b61eca4b6887ccea3fa912a2537775ac194ca8cbf0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.9/ Frame ED0B 6 KB
2 KB 170ms
41ms XHR
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.9/plyr.svg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8173205
x-cache: HIT, HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7CX6P38GW7NSPV53
x-amz-id-2: LuNGrXMTZraGmeNu+V1isoRhQeXnHDGCk/R+bSHyj1YctRSpsqlTiRgGVjxB0W3hL4iGAGlyGR4=
x-served-by: cache-dca17732-DCA, cache-mxp6922-MXP
last-modified: Wed, 13 Oct 2021 10:46:58 GMT
server: cloudflare
x-timer: S1637146464.786671,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUbRAeO%2BpxoFfuR1O01%2BaTkWT%2BkgNjPwFC5Cyfso4IXhRVYPRb4LCzUchsOgSlCNG0ArGLiuVTu70WM0bUHHkUnEvnSsaifcSfR0YNbmhB34T90RVJ7pptd9ZupZNSHH4yCy96DReIBFUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 6e03e0d94fc90e2a-MXP
x-cache-hits: 1, 2

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.9/ Frame CCB7 6 KB
2 KB 149ms
41ms XHR
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.9/plyr.svg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8173205
x-cache: HIT, HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7CX6P38GW7NSPV53
x-amz-id-2: LuNGrXMTZraGmeNu+V1isoRhQeXnHDGCk/R+bSHyj1YctRSpsqlTiRgGVjxB0W3hL4iGAGlyGR4=
x-served-by: cache-dca17732-DCA, cache-mxp6922-MXP
last-modified: Wed, 13 Oct 2021 10:46:58 GMT
server: cloudflare
x-timer: S1637146464.786671,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9aA644XbryH%2FcdT5nZm7zDTiR1YgEa%2F1FWF3jo5u4fzOeqxcIda5rlksUuBm07FLCgbWhvDduixpXPEW8rL7eG3n27GOsBDCfuzF7ayh6o6TSJWrzPVYNXnEiz2%2BMH941FhcAcT9jL%2FmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 6e03e0d94fcc0e2a-MXP
x-cache-hits: 1, 2

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.9/ Frame ACCF 6 KB
3 KB 131ms
40ms XHR
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.9/plyr.svg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.9/plyr.polyfilled.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8173205
x-cache: HIT, HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7CX6P38GW7NSPV53
x-amz-id-2: LuNGrXMTZraGmeNu+V1isoRhQeXnHDGCk/R+bSHyj1YctRSpsqlTiRgGVjxB0W3hL4iGAGlyGR4=
x-served-by: cache-dca17732-DCA, cache-mxp6922-MXP
last-modified: Wed, 13 Oct 2021 10:46:58 GMT
server: cloudflare
x-timer: S1637146464.786671,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeG9pJybxDeOxqkUT5W7bVQBJSKuAhUp%2F4f21zrPzsvci6SwiWA6I1btpMqAbnGEnQ%2Fz080LGbwkGlBX4OO0fLWevd1MsqlH3qwbQJrA3AlJVuoz1zKDyMjJpfSrsTsNlB1Kvn8PCRzTYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 6e03e0d94fce0e2a-MXP
x-cache-hits: 1, 2

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 4786 5 B
481 B 128ms
81ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD0xZjU4MzMxMC01NDk0LTQ1NDktYWQ4ZS0xMjM4OWI1MzI3NDA%3D&pt=gross&stid=fc8ec34d-1858-4231-92ab-d607661f04f1&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4786 12 KB
6 KB 197ms
126ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

298026de987e738ac6cf8352d1b6de9726e5129be514f3d7a460d09ce57ed4a0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8669c666-9c07-4f3c-992c-178fcbf5760e
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4786 284 B
1 KB 117ms
20ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=1f583310-5494-4549-ad8e-12389b532740&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4427423097140666
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d2ce58443389bd9484465a18da856caf54f247854d2ba75e733de5bdc2aece42

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4786 0
212 B 119ms
59ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=35343147613

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 4786 2 B
907 B 300ms
195ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4786 171 B
553 B 179ms
80ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 4786 73 B
145 B 89ms
42ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=1f583310-5494-4549-ad8e-12389b532740&nocache=1645319668601&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668188&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 06f9f7d2b3c29010ad76f4702530b62bd5d3477cc6e8f3d7eb2d692ce8fe7753

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 25AB 0
212 B 110ms
59ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=60440564860

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 25AB 171 B
553 B 198ms
107ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 25AB 5 B
481 B 116ms
80ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD1mZmI0MjYxZS01MzlmLTRhYTEtYTlkMi1hY2VjOGNkYjIwODk%3D&pt=gross&stid=2de14019-825f-4869-a2f6-1889c49f7326&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 25AB 73 B
145 B 81ms
43ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ffb4261e-539f-4aa1-a9d2-acec8cdb2089&nocache=1645319668611&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668216&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 2adc7f031840ffbd69bcb603c972f9bd95b83bbef7f3155b5b58e4b145dc209c

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 25AB 2 B
907 B 290ms
195ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 25AB 284 B
1 KB 106ms
18ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=ffb4261e-539f-4aa1-a9d2-acec8cdb2089&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5376577406291778
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 620323d09760e4de4c64a4b9bc8ac246fba0bd7d1c9e268427eedb36d020b6cd

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 25AB 12 KB
6 KB 182ms
114ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b68e2fbba84e3b9255504ab792a243b7610a44af7c8eb72625d06cf888de3138

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6fad3d5c-86b4-4c90-9829-e5bcaf82ad17
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 0CE3 73 B
376 B 70ms
42ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=b0e02ac0-f782-4fc4-a229-e9643cfdd937&nocache=1645319668620&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668211&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 6e6d776ffaafc0bb1e45286865f3c75d3a01aadfb52e3c107a88437c2bf79fd3

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0CE3 284 B
1 KB 97ms
18ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=b0e02ac0-f782-4fc4-a229-e9643cfdd937&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33059077565126405
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b10c5dda2b12cc7f4a013a85b7ac0d166136881944fa80482824d633778d1d6b

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0CE3 171 B
553 B 184ms
104ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0CE3 0
212 B 98ms
59ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=24735962239

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 0CE3 5 B
481 B 104ms
80ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD1iMGUwMmFjMC1mNzgyLTRmYzQtYTIyOS1lOTY0M2NmZGQ5Mzc%3D&pt=gross&stid=743fa9dc-0c9c-45b1-839b-e735f77ea5e9&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0CE3 12 KB
6 KB 245ms
171ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6df038dcadabf7075ffc119c6812156102623f20cfa198463334b439201ea148

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: affbc091-3adb-4e79-b70f-e23ab3fc4bc9
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 0CE3 2 B
907 B 274ms
191ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 75B9 2 B
907 B 273ms
198ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 75B9 12 KB
6 KB 265ms
198ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fa37a22c225adf0d473e2280b8462477aa3347ea58b3f24c4039d72ed188198a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 06f76f25-2949-456d-8915-d89b8928d1cf
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 75B9 171 B
553 B 146ms
69ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 75B9 284 B
1 KB 114ms
47ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=e9b34e50-1c22-41bd-9369-8d7bf2025c98&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7649758497935746
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 898ea1bd2cc0ab186ab61dd29920e2498ca87aab8ea592227c5030308a86aeb7

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 75B9 0
212 B 84ms
58ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=64477512711

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:25 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 75B9 5 B
481 B 87ms
75ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD1lOWIzNGU1MC0xYzIyLTQxYmQtOTM2OS04ZDdiZjIwMjVjOTg%3D&pt=gross&stid=c83fb93f-f6c4-4f77-ab2d-03512b604e58&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 75B9 73 B
145 B 59ms
45ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e9b34e50-1c22-41bd-9369-8d7bf2025c98&nocache=1645319668634&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668194&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 7cd54757f6878501624365ad73604e7a494fbf41fd4435521711364a7d0ccf37

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8C7A 171 B
553 B 160ms
80ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 8C7A 5 B
481 B 84ms
81ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD1jNjc0MDkxYy1kMmFjLTQwN2QtYWVjNC02MWRlOWU0MjcyODU%3D&pt=gross&stid=d152c0cd-2ddb-41b5-a2a5-60d849b4a900&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8C7A 284 B
1 KB 88ms
17ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=c674091c-d2ac-407d-aec4-61de9e427285&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7824975214291379
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0c5915dae897bf5ef98f46005c6083a2d3fef32bf710133eaadcd42c345a322d

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8C7A 0
212 B 52ms
35ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=7027352447

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8C7A 12 KB
6 KB 292ms
227ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8f2060e4629f0aa3e85465c0c40290f629ca32ef387bfd88bd1182a8db105ee3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 652c3d6a-d30c-4c8c-8add-f85162c12de1
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 8C7A 2 B
907 B 261ms
199ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 8C7A 73 B
145 B 47ms
43ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c674091c-d2ac-407d-aec4-61de9e427285&nocache=1645319668645&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668204&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 43e9002f10179a6d252b086d31250a439f7ffb45d1eb6cd3509d2488fa6a3340

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 219E 284 B
1 KB 50ms
13ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=284dd747-7b8d-4ef3-9c7b-c70357f54d5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7399067917486108
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6a94960b0f0b9d0d23ae0f3f65e790038e0ffdbf793b4e2a70cdb32778ff7a24

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 219E 2 B
907 B 227ms
199ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 219E 5 B
481 B 72ms
72ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD0yODRkZDc0Ny03YjhkLTRlZjMtOWM3Yi1jNzAzNTdmNTRkNWE%3D&pt=gross&stid=3d8fe36a-c6d0-430a-bb44-00735a52f053&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 219E 171 B
553 B 191ms
89ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:27 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 219E 73 B
145 B 32ms
31ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=284dd747-7b8d-4ef3-9c7b-c70357f54d5a&nocache=1645319668680&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668221&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 0f6fb7105c75800537e27126a413993054e97fd3b281a6199c994af24a67c75a

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 219E 12 KB
6 KB 139ms
97ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7feaa922b06b085762fb09e07c97c72e2f9c7525f03b2278ecd4e27f97a1b27c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1e860212-15ca-464f-a95c-738e76c518b7
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 219E 0
212 B 39ms
39ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=5822739263

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D9BD 284 B
736 B 82ms
58ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=ef004fa2-48f4-4d2b-83b8-fefd8572f148&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02401109432317461
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 59fb42059c332f713c4f4d6a7fc014f5bab191a04340829999debba0b92f81a7

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame D9BD 5 B
481 B 91ms
89ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD1lZjAwNGZhMi00OGY0LTRkMmItODNiOC1mZWZkODU3MmYxNDg%3D&pt=gross&stid=b04702dc-c947-4fd5-8ada-fa700bf09899&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame D9BD 73 B
101 B 38ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ef004fa2-48f4-4d2b-83b8-fefd8572f148&nocache=1645319668699&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668226&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 52b6d074fec42a52a904f5ba64a8121d4539b98665a79bfe1703f3d377708170

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D9BD 171 B
558 B 184ms
103ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame D9BD 2 B
907 B 198ms
192ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D9BD 0
212 B 24ms
23ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=43686588862

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D9BD 12 KB
6 KB 196ms
102ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8218cb4587f447ef2d993abcc24788984b7ed680bd78cf24ca28c10ffae7adb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9b8484a2-ed29-4d35-8632-4c55ba9b13c2
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 206
Partial Content 7KtixRT9tVfw.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame ED0B 31 KB
0 3406ms
3117ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/7KtixRT9tVfw.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 20 Feb 2022 01:14:31 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-48242808/48242809
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 48242809

GET
H/1.1 206
Partial Content 9XKVqMYUAydU.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame CCB7 31 KB
0 4379ms
4092ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/9XKVqMYUAydU.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-25889875/25889876
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 25889876

GET
H/1.1 206
Partial Content wfeJmkVoLbFg.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame ACCF 15 KB
0 5396ms
5106ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/wfeJmkVoLbFg.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 20 Feb 2022 01:14:33 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-70539007/70539008
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 70539008

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 4084 2 B
907 B 174ms
174ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 4084 5 B
481 B 87ms
87ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD1kMjBjOWYyMC0zOTkyLTRlODQtODBlMi1hZjliYjRlNmMxMGU%3D&pt=gross&stid=bdc14d1f-dc31-4d3b-9247-221cd49a7a6b&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 4084 73 B
101 B 21ms
21ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=d20c9f20-3992-4e84-80e2-af9bb4e6c10e&nocache=1645319668728&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668280&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: ca5b16eb38b7c0358eff0451f1be8fa7d8999228ba0eee22c10af7b706023473

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4084 0
212 B 16ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=52390265353

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4084 284 B
736 B 66ms
65ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=d20c9f20-3992-4e84-80e2-af9bb4e6c10e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12379488607473865
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e27d219b95a3a8fd9b1c99b1590be776c939057445e8260742e38e77b9ab5912

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4084 171 B
553 B 147ms
73ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4084 15 KB
8 KB 183ms
116ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b5e98bfa3f03e5a1573f5f14e47d47af248ac5adc3abf2724e2bddf972d14c09

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 416fe440-25c1-4c96-b9a5-fd952da0a1c8
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 07EB 0
212 B 36ms
36ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=86720943456

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 07EB 171 B
553 B 108ms
76ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 07EB 5 B
481 B 100ms
100ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD0wZTE3YzNmOS0zYmYxLTQwOTQtOWVjMC0wYzc0NDcxYzM0NzE%3D&pt=gross&stid=ec154e71-ea57-4b6f-9ab1-7662fb2b05e0&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 07EB 73 B
101 B 38ms
38ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0e17c3f9-3bf1-4094-9ec0-0c74471c3471&nocache=1645319668773&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668288&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 60dde6e44e673ee690a68103f5470d5880ce4aa9f14942670c60e411b93710f1

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 07EB 284 B
736 B 30ms
30ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=0e17c3f9-3bf1-4094-9ec0-0c74471c3471&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11334026625817284
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6d49a1a2d0769bb5886f41e8805e5ade0a4ce1cfefc35cf20b11de3d894d0737

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 07EB 13 KB
6 KB 146ms
100ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6f28abcd2129d930ddb14a78909db6d1f0652be1bb09b672cd46337abb2b1327

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8c688afb-0b6a-4a46-a950-2005295f52cb
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 07EB 2 B
907 B 140ms
140ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 81ms
39ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1645319668778&de=926228728797&m=0&ar=944fd8091a1-clean&iw=0f4cc90&q=2&cb=0&ym=0&cu=1645319668778&ll=2&lm=0&ln=0&em=0&en=0&d=144842%3A167396%3A6856213%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1284%3A1284%3A0%3A1322&fs=196859&na=1785213651&cs=0
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 20 Feb 2022 01:14:28 GMT

POST
H2 204 generic
trends.newsmaxwidget.com/event/ 0
0 56ms
55ms Fetch 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.newsmaxwidget.com/event/generic

Requested by

Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 54ms
54ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sgtreport.com
date: Sun, 20 Feb 2022 01:14:28 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DBAB 284 B
736 B 35ms
35ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=00a2ed27-9162-4b38-aa2d-feb16cf29c17&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9940425744876982
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 38d183a52b13dd2226c3cb476da379aad1de573c30478fa1b20c06c028444ab3

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DBAB 171 B
553 B 82ms
82ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame DBAB 73 B
101 B 43ms
43ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=00a2ed27-9162-4b38-aa2d-feb16cf29c17&nocache=1645319668860&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668296&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 57aef09cd8a6db322a80da532cc48fcde6e2abc68c87eb2442ce85658e342843

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DBAB 0
212 B 39ms
39ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=30147645608

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DBAB 145 B
1 KB 112ms
105ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a31d27f5ef1a9a41ce9770bf32a8b37308b3535b429eb1783e03f5a2e3b8e1b5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 82badb2c-f3a3-4526-93a9-753c1985f245
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame DBAB 2 B
907 B 131ms
131ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ Frame DBAB 5 B
481 B 95ms
94ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD0wMGEyZWQyNy05MTYyLTRiMzgtYWEyZC1mZWIxNmNmMjljMTc%3D&pt=gross&stid=b2b83619-df0a-4ecb-8c2f-325847a6f524&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame F0DA 73 B
101 B 41ms
41ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=baa9df6a-d3d5-4f4e-9b9c-065d2d6ccd47&nocache=1645319668875&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668303&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 5967a4277a3b78266dba7a7612b82873d49a66ddaef6ce8d6b970376a23c7db3

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame F0DA 2 B
907 B 121ms
120ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F0DA 12 KB
6 KB 143ms
114ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

54fe3cf727aca81cbcc9762c92df79fe134b6e948455339fa6b7b47057579a14

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 583fccb1-de89-4c2a-b7ea-a3294b0e65b3
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame F0DA 5 B
481 B 91ms
89ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD1iYWE5ZGY2YS1kM2Q1LTRmNGUtOWI5Yy0wNjVkMmQ2Y2NkNDc%3D&pt=gross&stid=8ceb0e48-9588-43db-8901-d66a799b644a&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F0DA 171 B
553 B 86ms
86ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F0DA 0
212 B 39ms
37ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=21692818792

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:26 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F0DA 284 B
736 B 35ms
34ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=baa9df6a-d3d5-4f4e-9b9c-065d2d6ccd47&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6003668751742086
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6326817dbafa26aefecafd4a003fc986ba8df85126977b88074d387ffcc311a3

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
DATA 200
OK truncated
/ Frame 1836 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48d0d814eb294d1fb2564d3f31eeaeee5c3472518c66282852198fac55176a26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK f26e8bdc-cbf6-422c-95fb-5eac6ccf3a28
https://www.brighteon.com/ Frame 4CB0 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.brighteon.com/f26e8bdc-cbf6-422c-95fb-5eac6ccf3a28
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/152421d1-6b51-4c35-80d3-c6758e7f8d76
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9949a49a6e8350d6c83ae4d1d53950e71225c7da27bebe1d92c74949a9868ee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 52887
Content-Type: application/javascript

GET
H2 206 483e80b7-f94c-4e61-be1d-c52b99f45ab8_270.ts Show response
video.brighteon.com/file/Brighteon-staging/hls/ Frame 4CB0 683 KB
684 KB 299ms
299ms XHR
video/mp2t 2606:4700::6811:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.brighteon.com/file/Brighteon-staging/hls/483e80b7-f94c-4e61-be1d-c52b99f45ab8_270.ts
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 413e061e7e95644f4658890d0fd8db69ee1a763e02fb8309fc9434aa2c0b82cf

Request headers

Referer: https://www.brighteon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-698983

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
cf-cache-status: MISS
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f1134d088cf1ebc3b_d20191023_m170021_c002_v0001096_t0053
x-bz-content-sha1: unverified:081780db24e14239fa3407b113735ab70f915ee3
Content-Range: bytes 0-698983/212157060
x-bz-file-name: hls/483e80b7-f94c-4e61-be1d-c52b99f45ab8_270.ts
Content-Length: 698984
x-bz-upload-timestamp: 1571850021000
last-modified: Sun, 20 Feb 2022 01:14:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding
content-type: video/MP2T
access-control-allow-origin: https://www.brighteon.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e03e0dabf9a83a3-MXP

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame DF1B 2 B
301 B 126ms
125ms XHR
application/json 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kloperd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DF1B 171 B
553 B 74ms
74ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kloperd.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DF1B 0
212 B 39ms
38ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=68481341071

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://kloperd.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 / Show response
adx.adform.net/adx/ Frame DF1B 5 B
481 B 113ms
112ms XHR
application/json 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA1NjYmdHJhbnNhY3Rpb25JZD0yNzQxOTU0MC1kOWNmLTRlY2QtODU4ZC1mZmE2Yzc4Nzc2ZjA%3D&pt=gross&stid=6bb140ba-53ac-46a6-ac05-80606a2158d1&fd=1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://kloperd.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DF1B 15 KB
8 KB 126ms
126ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2248b3109cb5065af0fee773809b79e88ad3c03176c4edc5dee1ea76e3c69f79

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3a302a4d-af3b-4769-9f29-a9e55f6425dd
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame DF1B 73 B
100 B 42ms
41ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sgtreport.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=27419540-d9cf-4ecd-858d-ffa6c78776f0&nocache=1645319668919&schain=1.0%2C1!adpone.com%2C194a6ea3998f9e263238%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1645319668310&auid=545690967
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 9cf3ad91d41df05e80cd1614c9f9413858d859e40ce491d329efa111efbae06c

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:28 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://kloperd.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DF1B 284 B
736 B 34ms
34ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=291790&zone_id=2160116&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=10__sgtreport.com&tk_flint=pbjs_lite_v4.38.0&x_source.tid=27419540-d9cf-4ecd-858d-ffa6c78776f0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.731586351383108
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 896142ffb555b392a8b146e37123f08a18e72b880b82a199dc9a13b0ee7260e6

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK embed.vendors~ondemand.en-js.122b9fbba4c2bb33b5d0.js Show response
platform.twitter.com/embed/ Frame 893A 38 KB
13 KB 48ms
48ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.122b9fbba4c2bb33b5d0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE9) /
Resource Hash: 8b8fd42428fc23cb3e05286969a166064c0d301ff369b598dbb456abf969f679

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Age: 264893
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12556
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CE9)
Etag: "c808ad8bb9ff9ba3781e238c509a1178+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.en-js.bbbec17470b73a2c2c9e.js Show response
platform.twitter.com/embed/ Frame 893A 4 KB
2 KB 47ms
47ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.en-js.bbbec17470b73a2c2c9e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF0) /
Resource Hash: 2ccd75fd134ab20740d6a8fead47c1c3498bc26b16c1ae45460ba56d0a055bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:28 GMT
Content-Encoding: gzip
Age: 264891
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 1801
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CF0)
Etag: "3bedc42060c7eeb5e24edf197d1e1931+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.8ed281fb773e0cf5780f.js Show response
platform.twitter.com/embed/ Frame 893A 4 KB
2 KB 50ms
50ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.8ed281fb773e0cf5780f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE6) /
Resource Hash: c1d8e0a54826d79c4abe69a0e3ed4b3001a6f3de8d05c771516ea63d60347764

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Age: 264893
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 1801
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CE6)
Etag: "284f23fe820d396b6bfc5577076c2110+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9EE6 13 KB
5 KB 47ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Feb 2022 00:01:50 GMT
expires: Mon, 20 Feb 2023 00:01:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AFB9 783 B
1 KB 73ms
29ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35cc81d632df8ea89b12a5b96857fe61b5091baca46d8872ed6b2f1cf43c95c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zgC0tWPe0FXK52lIhnwUtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 20 Feb 2022 01:14:29 GMT
date: Sun, 20 Feb 2022 01:14:29 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zgC0tWPe0FXK52lIhnwUtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK b881e3d7-c93e-44ad-84c8-e5120d07cf47
https://www.brighteon.com/ Frame 580A 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.brighteon.com/b881e3d7-c93e-44ad-84c8-e5120d07cf47
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/embed/189060c5-96ef-492a-9651-a40ecc84dec7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9949a49a6e8350d6c83ae4d1d53950e71225c7da27bebe1d92c74949a9868ee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 52887
Content-Type: application/javascript

GET
H2 206 61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf_270.ts Show response
video.brighteon.com/file/Brighteon-staging/hls/ Frame 580A 484 KB
485 KB 519ms
518ms XHR
video/mp2t 2606:4700::6811:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.brighteon.com/file/Brighteon-staging/hls/61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf_270.ts
Requested by: Host: www.brighteon.com
URL: https://www.brighteon.com/_next/static/chunks/9e9c79d6d232b032827ca67255567389a62eecfc.91c3a5f9d6aeceda8134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f01bd430a96b626c6c2f06ec01cd6617242296bc8013d068313abe5a459d93

Request headers

Referer: https://www.brighteon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-495755

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
cf-cache-status: MISS
x-bz-file-id: 4_z88b2c91b4a10c84b66a40e17_f11760a9958ca8e73_d20191024_m190921_c002_v0001129_t0001
x-bz-content-sha1: unverified:4d9173ad57a6c18a8909946d06e9324c1cb8f833
Content-Range: bytes 0-495755/47317908
x-bz-file-name: hls/61f6b5bf-d2bb-4b7e-a0be-c74b0e1a88cf_270.ts
Content-Length: 495756
x-bz-upload-timestamp: 1571944161000
last-modified: Sun, 20 Feb 2022 01:14:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding
content-type: video/MP2T
access-control-allow-origin: https://www.brighteon.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e03e0db586383a3-MXP

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 145D 0
803 B 80ms
25ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGEIGL8bOG_oyqVxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjc7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnRIdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNRERnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXb0xha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZoU3Zidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODAw2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH3OwD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=87969b050bcaf6fe5e8a46fec7a7d98f9df269d5&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dajaqdoabmxf%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dajaqdoabmxf%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dd32abc4-0b64-47bd-9837-01dcac5b288e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame 145D 85 KB
29 KB 88ms
29ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 145D 0
803 B 94ms
29ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEIGL8bOG_oyqVxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjc7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnRIdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNRERnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXb0xha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZoU3Zidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODAw2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH3OwD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=67e7ea39fb25f3fd39a50e50c853a021dfad68cc

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b44c8f68-12de-41fd-9e16-cd43fd486c72
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame 145D 77 KB
77 KB 142ms
31ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame C6F9 77 KB
77 KB 141ms
32ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame C6F9 0
803 B 76ms
25ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGEMbIytzIsYL0PxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFyMXY5MUFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNampnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUxha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODI42gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHx-wD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=f6c732c3f26f67d1514d819f405abb815b3da4ba&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dqgldyytp%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dqgldyytp%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c20cb1a7-8d34-40e8-aa97-cd720af1d350
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame C6F9 85 KB
29 KB 91ms
30ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame C6F9 0
803 B 106ms
30ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEMbIytzIsYL0PxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFyMXY5MUFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNampnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUxha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODI42gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHx-wD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=ab155c35cdfba434bd92fa3b9ea9736a55a07c63

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: eb675f17-af22-42aa-ae65-f54b9c71ef17
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame DFFB 77 KB
77 KB 137ms
33ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame DFFB 0
803 B 73ms
25ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGENXs1dOO0eH5dRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXin6AWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFsbHZteEFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXX0lxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZ4VHJidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDE12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHp-gF0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=919f36dd4afa39aea7e6772b3d588268768cdf22&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ddsrziibjt%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ddsrziibjt%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: be138d47-73ac-474b-92a8-936f1d591416
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame DFFB 85 KB
29 KB 91ms
30ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame DFFB 0
803 B 103ms
31ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGENXs1dOO0eH5dRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXin6AWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFsbHZteEFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXX0lxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZ4VHJidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDE12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHp-gF0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a7c052ec2ab675d2c086ca531c3dea0d9fcbac77

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8cf4a066-ae34-4cbb-b732-20723bd10367
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame AE51 77 KB
77 KB 132ms
33ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame AE51 0
803 B 72ms
27ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGEJ-opZbx9cv6BRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXip2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXRpdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVPVG5nQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXZkg2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIS14UmFkQTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTk52gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHqdsE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=e8541fd96d68b72362e88e62aaed46117d56507b&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dxbfojoa%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dxbfojoa%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4551fccb-6045-4149-ac01-be8119306cf0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame AE51 85 KB
29 KB 92ms
33ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame AE51 0
803 B 99ms
31ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEJ-opZbx9cv6BRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXip2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXRpdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVPVG5nQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXZkg2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIS14UmFkQTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTk52gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHqdsE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=e00243783dff9871a9ade3b5f4ba2ee23b6714ae

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 30c3266b-38dd-4c6b-951f-20d213953ea7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame F47E 77 KB
77 KB 123ms
33ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame F47E 0
803 B 99ms
61ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGEL698dfpvIKcGBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt5wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFqVnRWdndpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVXdORFBnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeko2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YQExnR0NnLi6aApkBITZSUmRiPv0BZEl1MGxnRWdBQ2dBTWZGbzQ0aTEtT1EtT2dsPUkUTkExQzFKBV0YQUFBOEQ5UgEICQEEQloJCAEBBEJoAQYJAQRCcAkIAQEEQngBBgkBEEI0QUlrLmQB6C7YAgDgApuFTuoCGmh0dHBzOi8vd3d3LnNndHJlcG9ydC5jb20v8gIRCgZBRFZfSUQSBzE4MTUxODfyARQMQ1BHXwEUNDQyOTMxNTXyAhEKBUNQARM0CDM1OTk4NTI38gINCggBPBhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVcRDxALCgdDUBUOEA8KBUlPAWAEBjVlhgDyASAESU8VIDgTCg9DVVNUT01fTU9ERUwBKhQA8gIaChYyFgAcTEVBRl9OQU0FcAgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8LABMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMxOjUwNDPaBAIIAeAEAfAEpuXBkwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAF4agc-gUECAAQAJAGAJgGALgGAMEGCSQo8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi-BkAAyAft5wXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=e79facf78d96d5fdbbcb8ceaf4d5951a5334d188&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dzfnjshxzl%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dzfnjshxzl%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 721dbc61-6421-4796-b095-a66a7ffaecb9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame F47E 85 KB
29 KB 91ms
33ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame F47E 0
803 B 96ms
33ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEL698dfpvIKcGBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt5wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFqVnRWdndpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVXdORFBnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeko2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YQExnR0NnLi6aApkBITZSUmRiPv0BZEl1MGxnRWdBQ2dBTWZGbzQ0aTEtT1EtT2dsPUkUTkExQzFKBV0YQUFBOEQ5UgEICQEEQloJCAEBBEJoAQYJAQRCcAkIAQEEQngBBgkBEEI0QUlrLmQB8Ncu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMxOjUwNDPaBAIIAeAEAfAEpuXBkwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi-BkAAyAft5wXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=1ef3d86514231108cc54682c84bad04a72b1c852

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bda6e39f-db94-4514-8e75-75b39bf34373
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame 69EE 77 KB
77 KB 145ms
35ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 69EE 0
803 B 41ms
40ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGEICH8ZzDv46NcBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXic-QKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXNMdVFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNREhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeElxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITVoU01iZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDAx2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHnPkC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=4ce682f10da0d53ac10b54d084c96b6480df3d6a&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Deunjajs%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Deunjajs%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e6f30b96-b74b-4b99-bed0-3ea87339aa20
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame 69EE 85 KB
29 KB 50ms
42ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 69EE 0
803 B 51ms
40ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEICH8ZzDv46NcBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXic-QKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXNMdVFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNREhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeElxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITVoU01iZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDAx2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHnPkC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a43eee7c41e68bf5421e475899bb9c106494ebc6

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2e1f5f5b-96e4-4847-ad8e-5099cf734f76
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1836 0
0 74ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhz7Px5tWu_GnZuLzTm2xvEct02pVxkRtQiy4Xa5ve2i_ml54wmuAESs11f7lvz6_IxqbXzJp6GDzSwnDL7S05W5jvcdVW_exrE693Wnk-QeTjHPJQ7o36nELC6Zt0U1wA4BejIEVa6FZYfTfSkTIJ2lXwlesz1M6m4kVaEcwL-blcyV-BnAJTF7R8dvRjilPgDZ4nWf4hqkmupDe6w5Q-TjgQ5ruLJw-tBNAzZIcBXT349AioANKGqMEDd7_2U2VrlOqb6FRVTA7-RImn9_KVLUG99G9HfKyrW0XRjh-ZGPdZURrstOEsLYwucBvMJll76ckyW3CXZbHFxjw_dRFrhSW_dyZ60sZF4dMReTLS0lyhiw&sig=Cg0ArKJSzP3Oi24gozd5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 20 Feb 2022 01:14:29 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame 1FC1 77 KB
77 KB 158ms
42ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 1FC1 0
803 B 45ms
39ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGELb1tc2EiL20SBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXik4ASAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyEyVnNBN1FpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVOalhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYOUhxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTY12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHpOAE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=cd516d0e04898bd4b58f1c04e5801d76575f19ca&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ditvuazad%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ditvuazad%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b26deade-bcd4-46b9-9ab9-954e1e0cc532
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame 1FC1 85 KB
29 KB 58ms
44ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 1FC1 0
803 B 45ms
38ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGELb1tc2EiL20SBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXik4ASAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyEyVnNBN1FpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVOalhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYOUhxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTY12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHpOAE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=ca8aea11baa063a797d70d6df710939fc1c3b042

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 81f58e4f-ace7-484c-bf2a-b90656b5c3f3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 8ACA 112 KB
39 KB 138ms
32ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Age: 71813
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 39847
X-Served-By: cache-lga13622-LGA, cache-hhn4034-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 19 Jan 2022 12:36:35 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1645319669.239700,VS0,VE0
ETag: W/"61e805d3-1c12c"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Tue, 15 Feb 2022 05:17:28 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 3, 359748

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame 8ACA 77 KB
77 KB 146ms
42ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame 8ACA 85 KB
29 KB 52ms
46ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 8ACA 0
803 B 42ms
40ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGENyR6Lv7l9yRdRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt-gKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnZ1dmdpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUXpPVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXcklxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIThoVGJjUTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0Mzk12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH7foC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=9fa8b0c3bb58afe48739d7abacfffc51d2cad8a9

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1372cc03-562d-430a-a3d5-7077a654a04b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 referrer Show response
pix.pontiac.media/ Frame FAEC 0
81 B 164ms
59ms XHR
text/plain 3.123.202.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.pontiac.media/referrer
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.202.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-202-144.eu-central-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:29 GMT
server: akka-http/10.1.11
content-length: 0

GET
H2 200 init-686hizt6g2pxp8qs2ox.js Show response
api.b2c.com/api/ Frame FAEC 472 B
869 B 343ms
220ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-686hizt6g2pxp8qs2ox.js?advertiserID=5208073&lineitemID=17068185&creativeID=305852647&AUCTION_ID=456902359250892500&BID_PRICE=0.00801&CREATIVE_CODE=2515-44387cr&CREATIVE_SIZE=300x250&DATACENTER=ams1&EXT_APP_ID=&PRICE_PAID=0.00801&PUBLISHER_CODE=&PUBLISHER_ID=2002423&REFERER_URL_ENC=https%3A%2F%2Fwww.sgtreport.com%2F&REFERER_URL=https://www.sgtreport.com/&SELLER_MEMBER_ID=10264&SESSION_FREQ=-1&TAG_ID=22604000&TIMESTAMP=1645319668&USER_AGENT_ENC=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&USER_AGENT=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/98.0.4758.80%20Safari/537.36&USER_CITY=Wangerland&USER_ID=1419046412244532778&USER_IP=217.64.151.29&USER_STATE=DE%3A06&CARRIER_ID=1&DEVICE_AAID=&DEVICE_APPLE_IDA=&DEVICE_MAKE_ID=0&DEVICE_MD5=&DEVICE_MODEL_ID=0&DEVICE_ODIN=&DEVICE_OPENUDID=&GEO_LAT=&GEO_LON=&SUPPLY_TYPE=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc66a5c6697d4a9b9b605a719348b885dbd019cd963ce65be655de660f82e83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YN2to2kv9E8TShOxFqGuI2QB9MFypsv561V8FNY2CrIBaD4HT%2By1sM0XKAonYOOasni%2BdummP6oF1CV5jb66U4yconoxpQ09S6BbPhIumnMEl2RwTw6WRwrFbl3NLefRIDi7cPkKBuL3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6e03e0dcfcfb0f4e-MXP
expires: 0

GET
H2 200 init-15j7uxu68dztjn4ja0.js Show response
eu.b2c.com/api/ Frame FAEC 688 B
733 B 207ms
83ms Script
text/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.b2c.com/api/init-15j7uxu68dztjn4ja0.js?placement=pontiac-dsp&advertiserID=5208073&advertiserCODE=&lineitemID=17068185&lineitemCODE=2515-16097&campaignID=271058864&campaignCODE=&AUCTION_ID=456902359250892500&BID_PRICE=0.00801&PRICE_PAID=0.00801&PUBLISHER_CODE=&PUBLISHER_ID=2002423&CLEAR_PRICE=0.11&SITE_ID=5713780&REFERER_URL_ENC=https%3A%2F%2Fwww.sgtreport.com%2F&REFERER_URL=https://www.sgtreport.com/&SELLER_MEMBER_ID=10264&TIMESTAMP=1645319668&USER_CITY=Wangerland&USER_IP=217.64.151.29&USER_STATE=DE%3A06&CARRIER_ID=1&DEVICE_AAID=&DEVICE_APPLE_IDA=&DEVICE_MAKE_ID=0&DEVICE_MD5=&DEVICE_MODEL_ID=0&DEVICE_ODIN=&DEVICE_IFA_TYPE=&DEVICE_IFA=&DEVICE_OPENUDID=&GEO_LAT=&GEO_LON=&SUPPLY_TYPE=0&GDPR_CONSENT_STRING=&GDPR_APPLIES=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f539aee18fca6282981ad86e09c635f31791854bfaa1bb142bd4ebfa63ffb49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09GJeSVDRczP9FRcAsKdp0c%2BDcNq%2FzlaJpMqTMZW8RjdLM%2FlxBtzclfVKAXJA0WKLdwacRtlpFvvG6nJKEyzAYeZMmJEMnzwScvCkMq8FOPIerMWQ04rh3gfVj9xouILUyl3ajkH4ww%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6e03e0dcfea259a7-MXP
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame FAEC 85 KB
29 KB 54ms
53ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame FAEC 0
803 B 48ms
47ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QK-C_BMvgUAAAMA1gAFAQj0q8aQBhDU7b-h5sjPqwYYqvyCzZjm3dgTKjYJ1uJTAIxngD8RsAuu1fgueD8ZAAAAwPUovD8hsAuu1fgueD8p1uIJJPCaMQAAAEDheoQ_MODR4wo4mFBAkBpIAlDn4euRAViLtJYBYABo9sWyAXjwvQOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDUyMDgwNzMsIDE2NDUzMTk2NjgpO3VmKCdpJywgNjgzNjU3OCwgMTY0NTMxOTY2OCkFHTBnJywgMTcwNjgxODUsQjsAMHMnLCAyNzEwNTg4NjRGHwAwcicsIDMwNTg1MjY0NzYfAPCwkgLhBCFrM1NDZWdpQ2xPQVlFT2ZoNjVFQkdBQWdpN1NXQVRBQk9BQkFBRWlRR2xEZzBlTUtXQUJnaWdab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFjdFZac19nYVlBX3dRSExWV2JQNEdtQVA4a0JBQUFBSUt4djJ6X1pBUUFBQUFBQUFQQV80QUhpb3FFRDlRRmdSQ1E4bUFJQW9BSUN0UUlBASUIdlFJAQfwWEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0phVXJ4OFFCQmdCTGUtUzh6bWlBeE1JXzdHVkh4QUtHQUV0WVgzYlBqSURkVzVyBTQwTF8ta1I4UUN4Z0NMUQFvwEM2QXdsQlRWTXhPak01T0RuZ0E5UXRnQVRONU9RSGlBVFI1T1FIa0FRQW1BUUV3UVEBNQkBCE1rRQkJAQEIRFJCAQcsQUFBd0NGQTJBUUE4LiwAeElnRmxSLVlCYkNQb0lFQnFRWC0xSGpwSmpIc1A3RUYBOAkBCERCQgWYCQEIeVFVCQkQQUFBUU4yKAAAWhUo8ENQQV80QVdoQnZBRm1lR1JDUGdGaWZDOUFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR3F2SFNUV0lRMEQtb0JnU3lCaVFKQQFhCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFhaGFEUj5lAmRJdTBsZ0VnQUNnQU1hcngwazFpRU5BX09nbD1pFGxBMUMxSgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCCBEQUlVQjRBSWsxgPCwQThEOC7YAgDgApuFTuoCGmh0dHBzOi8vd3d3LnNndHJlcG9ydC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDgbEy4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuMjmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzM0NCNBTVMxOjM5ODnaBAIIAeAEAfAEhY8giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFpopD-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG4QzaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOL4GQADIB_C9A9IHDRV2GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a08ba9b1499a6f3ca543cfbaf52b98943927bb34

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 56982bf0-ae5b-4d80-bcf0-99a72eccfb20
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 65c8b6d0-180b-4107-81aa-eb902ece5701.jpeg
crcdn01.adnxs-simple.com/creative/p/3344/2021/9/22/28466959/ Frame FAEC 10 KB
10 KB 125ms
38ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/3344/2021/9/22/28466959/65c8b6d0-180b-4107-81aa-eb902ece5701.jpeg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 06772904942aadb9c0872e5109e4711b29de8724f6f9f24c861a22d411f5a26d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 22 Sep 2021 21:02:29 GMT
Server: nginx/1.19.0
x-amz-request-id: c6ffea9c-7fd3-4c40-8ef1-995be30643ae
X-Clv-Request-Id: c6ffea9c-7fd3-4c40-8ef1-995be30643ae
ETag: "15905722d9bf078f7133af3a27223805"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10053
Expires: Wed, 06 Apr 2022 01:14:29 GMT

POST
H2 204 result Show response
www.bitchute.com/cdn-cgi/bm/cv/ Frame ACCF 0
526 B 51ms
51ms XHR
text/plain 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/cdn-cgi/bm/cv/result?req_id=6e03e0cefc3b3752
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitchute.com/embed/wfeJmkVoLbFg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e03e0dc788c3752-MXP
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6nPkz%2BLobfObcXl1OzSAfdlZBJlQ8gJEyQj9VTkK4VpdFo6ed4ypxEaqTXJGTYxnrmcbc4jAuVVtZhdD6WGkFM3EvHPL%2FWuUA1K0FM7ChTtUr7aT2ZxpdPzK8klae0npWEyRXRPMLfxhu7dR38%3D"}],"group":"cf-nel","max_age":604800}

POST
H2 204 result Show response
www.bitchute.com/cdn-cgi/bm/cv/ Frame ED0B 0
499 B 49ms
49ms XHR
text/plain 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/cdn-cgi/bm/cv/result?req_id=6e03e0cefc3f3752
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitchute.com/embed/7KtixRT9tVfw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e03e0dc98983752-MXP
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G48RbtswUiFYWoz%2B2wWnLM8dqpmbu0Z10%2FVuEMJjP8XIoBUUYNSxh0v5jWZtPSS9IbUhysyKe4Wi6soZo2cl%2Bc6dxeZKmNTX6jv7RViBde%2BRC8fXjuFkJzV37ef5rBYRQ%2Fki46RnYuK15%2BO%2FE0M%3D"}],"group":"cf-nel","max_age":604800}

POST
H2 204 result Show response
www.bitchute.com/cdn-cgi/bm/cv/ Frame CCB7 0
502 B 45ms
44ms XHR
text/plain 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/cdn-cgi/bm/cv/result?req_id=6e03e0cefc3e3752
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitchute.com/embed/9XKVqMYUAydU/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e03e0dca8b53752-MXP
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkMI8ZVD%2Bz1ATQXhd6hjRh%2B04zsfHIgY6QzOJL4o%2FXm%2BUsWB%2BSFPabRvkeaAvHhDAoVbKXpRtfkK8QyTJhZa4uXpGBI%2B5QcGKNUFkaRjDdMYMTR5SQFYezwJJDGGOLZk%2BVAaqIWDWTN0%2FWicEIY%3D"}],"group":"cf-nel","max_age":604800}

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0C33 10 KB
5 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Feb 2022 02:13:40 GMT

GET
H2 200 apn
beacon.sojern.com/imp/ Frame 0C33 42 B
197 B 288ms
15ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/apn?auc=3972022187226824490&cr=240739539&seg=&st=0&bp=0.00792&pp=0.00792&aaid=&idfa=&ord=2072668300
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 0C33 2 KB
1 KB 270ms
113ms Script
text/javascript 108.157.4.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=2072668300&sz=300x250&js=st_dapp
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-26.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 918
x-amz-cf-id: 4LSznSpw2HSMsIB_tgaS72nC3DXft6vlXbUvM8aHH3sgQEOHJdHwtQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame 0C33 85 KB
29 KB 41ms
41ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 0C33 0
803 B 40ms
40ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QK4CvBMOAUAAAMA1gAFAQj0q8aQBhCq_v-sp6TdjzcYqvyCzZjm3dgTKjYJKuPfZ1w4gD8RBWFtG20teD8ZAAAAwPUovD8hBWFtG20teD8pKuMJJPCwMQAAAEDheoQ_MODR4wo4mFBA6j9IAlDTyeVyWIu0lgFgAGj2xbIBeOCOBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA0ODE5MzQzLCAxNjQ1MzE5NjY4KTt1ZignaScsIDQ4MjQ2NjUsIDE2NDUzMTk2NjgpO3VmKCdnJywgMTI3MzQ3MjgsIDE2NDUzHTswcicsIDI0MDczOTUzOTY9APCLkgL9AyFObVFIclFqWDJOUVZFTlBKNVhJWUFDQ0x0SllCTUFBNEFFQUFTT29fVU9EUjR3cFlBR0NLQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQlhHM0VheHc1Z0RfQkFWeHR4R3NjT1lBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWRtOHBnTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE56YmdBOVF0Z0FUZjZjVUVpQVN3N3NzRWtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAVRpQVhRSUtrRl90UjQ2U1l4N0QteEJRCRwBARR3UVdhbVoFAhA1UDhrRgEUHDRHSkh0RF9SLigACDJRVQEb0EFBQUR3UC1BRm1BYndCWWlpaVFiNEJZLVRwZ0tDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCcHFaBV4sYmtfcUFZRXNnWWtDHYAARR0MAEcdDABJHQw4dUFZS5oCmQEheWhYa1lBNgECNGk3U1dBU0FBS0FBeG1wBWtcWnVUODZDVUZOVXpFNk5ERTNOa0RVTFVrAb4JwQAxPTQARhEYDEFBQUcdGABHHRgASB0YDEhnQWkuFQLw13cuLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0FNUzE6NDE3NtoEAggB4AQB8ATTyeVyiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBugp2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi-BkAAyAfgjgXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=d476962836427e729dfca608c63cd636db7d0ad8

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e58d286b-1acd-46d3-a259-2e517c3dbbcf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0f254544-d061-4bda-9afd-ae3a468dae03.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/ Frame 7D92 77 KB
77 KB 48ms
42ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981882/0f254544-d061-4bda-9afd-ae3a468dae03.jpg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:28 GMT
Server: nginx/1.19.0
x-amz-request-id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
X-Clv-Request-Id: e2ba6c59-577b-40f1-88bc-e0f94aae2108
ETag: "928624e32629ee4f24af477311d500be"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78761
Expires: Wed, 06 Apr 2022 01:14:29 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B949 52 KB
17 KB 141ms
46ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:29 GMT
Age: 76262
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999641
X-Timer: S1645319669.328332,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 7D92 0
803 B 76ms
75ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKeDPBMHgYAAAMA1gAFAQj0q8aQBhC73e7Oo6qliV8YyM2T-9Dvgt0UKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hR2RVDY3q7j4p8WgJJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjH6AWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCLkgL1AyFQMWc4UkFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnd0FGb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FSS29BUU93QVFDNUFhLXZTalcyLVBRLXdRR3ZyMG8xdHZqMFBza0JBQUFBQUFBQThEX1pBUUEJDnBQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsQlRWTXhPalEwTURqZ0E5UXRnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBVzRJcWtGX3RSNDZTWXg3RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBAV4FAQBCHbsEQmsFEwUBAEMdGEBMZ0dDZy4umgKZASE3UlIyYz75AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYIA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDA42gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHx-gF0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=fdf005d12744dc824a1d68bc8d6620cd4d18bac9&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dfdnhadlr%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dfdnhadlr%26e%3D1070549076851&

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0b3f2fdd-ec9c-4d60-aad2-7dbb3bc563b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame 7D92 85 KB
29 KB 60ms
59ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 7D92 0
803 B 59ms
58ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QKSCvBMEgUAAAMA1gAFAQj0q8aQBhC73e7Oo6qliV8YyM2T-9Dvgt0UKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hR2RVDY3q7j4p8WgJJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjH6AWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCLkgL1AyFQMWc4UkFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnd0FGb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FSS29BUU93QVFDNUFhLXZTalcyLVBRLXdRR3ZyMG8xdHZqMFBza0JBQUFBQUFBQThEX1pBUUEJDnBQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsQlRWTXhPalEwTURqZ0E5UXRnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBVzRJcWtGX3RSNDZTWXg3RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBAV4FAQBCHbsEQmsFEwUBAEMdGEBMZ0dDZy4umgKZASE3UlIyYz75AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDA42gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHx-gF0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a86796d6b25be5f800677402d6ab0307c95b2f77

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7d1fa013-7ca2-4165-8682-0eece80d8ac8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 65c8b6d0-180b-4107-81aa-eb902ece5701.jpeg
crcdn01.adnxs-simple.com/creative/p/3344/2021/9/22/28466959/ Frame 9A33 10 KB
10 KB 56ms
55ms Image
image/jpeg 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/3344/2021/9/22/28466959/65c8b6d0-180b-4107-81aa-eb902ece5701.jpeg
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 06772904942aadb9c0872e5109e4711b29de8724f6f9f24c861a22d411f5a26d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Last-Modified: Wed, 22 Sep 2021 21:02:29 GMT
Server: nginx/1.19.0
x-amz-request-id: c6ffea9c-7fd3-4c40-8ef1-995be30643ae
X-Clv-Request-Id: c6ffea9c-7fd3-4c40-8ef1-995be30643ae
ETag: "15905722d9bf078f7133af3a27223805"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10053
Expires: Wed, 06 Apr 2022 01:14:29 GMT

POST
H2 200 referrer Show response
pix.pontiac.media/ Frame 9A33 0
80 B 71ms
60ms XHR
text/plain 3.123.202.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.pontiac.media/referrer
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.202.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-202-144.eu-central-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:29 GMT
server: akka-http/10.1.11
content-length: 0

GET
H2 200 init-686hizt6g2pxp8qs2ox.js Show response
api.b2c.com/api/ Frame 9A33 473 B
641 B 254ms
224ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-686hizt6g2pxp8qs2ox.js?advertiserID=5208073&lineitemID=17068185&creativeID=305852647&AUCTION_ID=6369879859716815019&BID_PRICE=0.00801&CREATIVE_CODE=2515-44387cr&CREATIVE_SIZE=300x250&DATACENTER=ams1&EXT_APP_ID=&PRICE_PAID=0.00801&PUBLISHER_CODE=&PUBLISHER_ID=2002423&REFERER_URL_ENC=https%3A%2F%2Fwww.sgtreport.com%2F&REFERER_URL=https://www.sgtreport.com/&SELLER_MEMBER_ID=10264&SESSION_FREQ=-1&TAG_ID=22604000&TIMESTAMP=1645319668&USER_AGENT_ENC=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&USER_AGENT=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/98.0.4758.80%20Safari/537.36&USER_CITY=Wangerland&USER_ID=1419046412244532778&USER_IP=217.64.151.29&USER_STATE=DE%3A06&CARRIER_ID=1&DEVICE_AAID=&DEVICE_APPLE_IDA=&DEVICE_MAKE_ID=0&DEVICE_MD5=&DEVICE_MODEL_ID=0&DEVICE_ODIN=&DEVICE_OPENUDID=&GEO_LAT=&GEO_LON=&SUPPLY_TYPE=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2df222243ebd1769b7b2abe86e6c652300a49ee2ee4b86d303cff98d6662214

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFcQXazcivuFcFa%2FKFYDBASjNNm6vd28lPXQbKjV35IqvxKkiisxRLwphknZfNNBG1%2Bpx%2FXsGEK4Xf1qQzGlz%2FNms1pCCX359nTF6vtKDwedANFmkTdw9nbp8q3Dle9sjO%2FRoIhj2f6S"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6e03e0dcfcfd0f4e-MXP
expires: 0

GET
H2 200 init-15j7uxu68dztjn4ja0.js Show response
eu.b2c.com/api/ Frame 9A33 662 B
957 B 114ms
83ms Script
text/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.b2c.com/api/init-15j7uxu68dztjn4ja0.js?placement=pontiac-dsp&advertiserID=5208073&advertiserCODE=&lineitemID=17068185&lineitemCODE=2515-16097&campaignID=271058864&campaignCODE=&AUCTION_ID=6369879859716815019&BID_PRICE=0.00801&PRICE_PAID=0.00801&PUBLISHER_CODE=&PUBLISHER_ID=2002423&CLEAR_PRICE=0.11&SITE_ID=5713780&REFERER_URL_ENC=https%3A%2F%2Fwww.sgtreport.com%2F&REFERER_URL=https://www.sgtreport.com/&SELLER_MEMBER_ID=10264&TIMESTAMP=1645319668&USER_CITY=Wangerland&USER_IP=217.64.151.29&USER_STATE=DE%3A06&CARRIER_ID=1&DEVICE_AAID=&DEVICE_APPLE_IDA=&DEVICE_MAKE_ID=0&DEVICE_MD5=&DEVICE_MODEL_ID=0&DEVICE_ODIN=&DEVICE_IFA_TYPE=&DEVICE_IFA=&DEVICE_OPENUDID=&GEO_LAT=&GEO_LON=&SUPPLY_TYPE=0&GDPR_CONSENT_STRING=&GDPR_APPLIES=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7619f952cb2c6d6a25ee105205abcc61014595c080774bd02f134a1324acae2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTrH6lzSjGWMwxn9%2FKO%2FNw%2BIZXdJywkKdZzPAAH1QDnHP6EIK%2Fwz48GnUpElMoOGFApbIgi9s2mYryE1E%2FNQ4dnFMUSV8IzjllTlzPvCYhOnELBiZNFW%2BXuHfEgtn081Wf3052dUVpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6e03e0dcfea459a7-MXP
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/223/ Frame 9A33 85 KB
29 KB 65ms
64ms Script
application/x-javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/223/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 11:17:05 GMT
Server: AkamaiNetStorage
ETag: "c9e559aa565538f002ac19a4587de413:1645010225.6741"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29208
Expires: Mon, 20 Feb 2023 01:14:29 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 9A33 0
803 B 61ms
60ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.sgtreport.com%252F&e=wqT_3QK-C_BMvgUAAAMA1gAFAQj0q8aQBhCr8dfiu_-Ws1gYqvyCzZjm3dgTKjYJ1uJTAIxngD8RsAuu1fgueD8ZAAAAwPUovD8hsAuu1fgueD8p1uIJJPCaMQAAAEDheoQ_MODR4wo4mFBAkBpIAlDn4euRAViLtJYBYABo9sWyAXjHgQOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDUyMDgwNzMsIDE2NDUzMTk2NjgpO3VmKCdpJywgNjgzNjU3OCwgMTY0NTMxOTY2OCkFHTBnJywgMTcwNjgxODUsQjsAMHMnLCAyNzEwNTg4NjRGHwAwcicsIDMwNTg1MjY0NzYfAPCwkgLhBCF3blM0a3dpQ2xPQVlFT2ZoNjVFQkdBQWdpN1NXQVRBQk9BQkFBRWlRR2xEZzBlTUtXQUJnaWdab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFjdFZac19nYVlBX3dRSExWV2JQNEdtQVA4a0JBQUFBSUt4djJ6X1pBUUFBQUFBQUFQQV80QUhpb3FFRDlRRmdSQ1E4bUFJQW9BSUN0UUlBASUIdlFJAQfwWEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0phVXJ4OFFCQmdCTGUtUzh6bWlBeE1JXzdHVkh4QUtHQUV0WVgzYlBqSURkVzVyBTQwTF8ta1I4UUN4Z0NMUQFvwEM2QXdsQlRWTXhPalF4TnpYZ0E5UXRnQVRONU9RSGlBVFI1T1FIa0FRQW1BUUV3UVEBNQkBCE1rRQkJAQEIRFJCAQcsQUFBd0NGQTJBUUE4LiwAeElnRnp5Q1lCYkNQb0lFQnFRWC0xSGpwSmpIc1A3RUYBOAkBCERCQgWYCQEIeVFVCQkQQUFBUU4yKAAAWhUo8ENQQV80QVdoQnZBRm1lR1JDUGdGaWZDOUFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR3F2SFNUV0lRMEQtb0JnU3lCaVFKQQFhCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKZASFYaFl0UXc6ZQJkSXUwbGdFZ0FDZ0FNYXJ4MGsxaUVOQV9PZ2w9aRRWQTFDMUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQggREFJVUI0QUlrMYDwsEE4RDgu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMzNDQjQU1TMTo0MTc12gQCCAHgBAHwBIWPIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBaaKQ_oFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBuEM2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi-BkAAyAfHgQPSBw0VdhgQABgA2gcGCSdE4AcA6gcCCADwB8aZAYoIAhAA&s=21b8b6c5eff2b872ec01d7fe49dc99fd57396ed0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 85e3b2de-204a-4613-9e48-a8692875534c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
329 B 164ms
56ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 253ms
86ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c5da7e29ceb3dcac7a1fcf404a1365f3432c15eff06b5cb59913f62797faea66

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache
x-server: 10.45.13.245
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 227ms
57ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 61391cb434a0c17cc9472e168f84513b4917a04abdf6074856902d944a6596c3

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 22 Mar 2022 01:14:29 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
337 B 291ms
126ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d51843c602af2f44b7cc86aac67308f216eb8a6591bc44e5a9b1d46617518428

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache
x-server: 10.45.23.92
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 225ms
57ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 9c5cf152044e0ac9c8e4d6e31c8c7abc74741c90d677a5c1b2fbade70360496a

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 22 Mar 2022 01:14:29 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
339 B 232ms
71ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 377426eefc5b0a48d3d23f3ffc1d40ef19d251e49d776a69978108fb0efefa49

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache
x-server: 10.45.28.206
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 222ms
57ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: f39a0024355aab96f772c523a58f5ebd880e9753f3deb7ebf6cdc2e92bec6162

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 22 Mar 2022 01:14:29 GMT

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame 0C33 41 KB
17 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 16:13:40 GMT

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.b2bc88b41b5f27a4ebc2.js Show response
platform.twitter.com/embed/ Frame 893A 465 KB
117 KB 77ms
77ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.b2bc88b41b5f27a4ebc2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 46fa3c738f077fed701f4ce44ebc0bed4066a8ec40a2a2f9396bbedfb9992c5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 119609
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CE4)
Etag: "58bd8d8ecc59a346aad33a745efa2b58+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.e91d677195a62396c5e0.js Show response
platform.twitter.com/embed/ Frame 893A 37 KB
11 KB 75ms
75ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.e91d677195a62396c5e0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: a31dca2f7dbfdca4fe37111b3d36a24e1d365b5ec80ffbf934ad748b9904be7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 10943
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CE4)
Etag: "ff240890b7d6c1a4fcbdab19b42c0a22+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.e67530aa104c146ef330.js Show response
platform.twitter.com/embed/ Frame 893A 23 KB
6 KB 74ms
73ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.e67530aa104c146ef330.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF4) /
Resource Hash: 912eea84c7a87449e0bc05a4d7de9e83aac26bc6d0aa7135bda08cb76d47909e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 5867
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CF4)
Etag: "06565606c76461c3a3ca710fec101548+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.f05911f01783ae8b9bbb.js Show response
platform.twitter.com/embed/ Frame 893A 56 KB
13 KB 75ms
74ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.f05911f01783ae8b9bbb.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5c0ce4294115824be9df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CDF) /
Resource Hash: 81d611736a5872efc03207914dbbfbe8b1ad6e278086c6ee87c473adddcadf75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1187535665396776961&lang=en&origin=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=f617ff35cb5363c34f43b0724e892af12da1aaa9&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:29 GMT
Content-Encoding: gzip
Age: 264892
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12876
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 23:37:56 GMT
Server: ECS (mil/6CDF)
Etag: "53af63b51dd778af30ad72471310c675+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame DFFB 0
821 B 54ms
53ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGENXs1dOO0eH5dRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXin6AWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFsbHZteEFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXX0lxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZ4VHJidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDE12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHp-gF0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a7c052ec2ab675d2c086ca531c3dea0d9fcbac77&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f3596e93-f188-4f0a-ada1-f2d3cab7f61b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 145D 0
821 B 52ms
52ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEIGL8bOG_oyqVxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjc7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnRIdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNRERnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXb0xha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZoU3Zidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODAw2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH3OwD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=67e7ea39fb25f3fd39a50e50c853a021dfad68cc&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a45900b8-9267-463d-8f51-a80052aadf84
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame F47E 0
821 B 51ms
50ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEL698dfpvIKcGBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt5wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFqVnRWdndpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVXdORFBnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeko2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YQExnR0NnLi6aApkBITZSUmRiPv0BZEl1MGxnRWdBQ2dBTWZGbzQ0aTEtT1EtT2dsPUkUTkExQzFKBV0YQUFBOEQ5UgEICQEEQloJCAEBBEJoAQYJAQRCcAkIAQEEQngBBgkBEEI0QUlrLmQB8Ncu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMxOjUwNDPaBAIIAeAEAfAEpuXBkwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi-BkAAyAft5wXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=1ef3d86514231108cc54682c84bad04a72b1c852&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7e1758fe-2426-4aef-a9a8-14e114688ad7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame C6F9 0
821 B 75ms
75ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEMbIytzIsYL0PxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFyMXY5MUFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNampnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUxha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODI42gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHx-wD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=ab155c35cdfba434bd92fa3b9ea9736a55a07c63&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b4d5aa91-4109-4043-a98f-f85a8cb8bbc3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame AE51 0
821 B 53ms
53ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEJ-opZbx9cv6BRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXip2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXRpdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVPVG5nQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXZkg2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIS14UmFkQTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTk52gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHqdsE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=e00243783dff9871a9ade3b5f4ba2ee23b6714ae&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 69f5d3af-a528-484f-ac24-d84069d4a7f1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 69EE 0
821 B 60ms
59ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEICH8ZzDv46NcBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXic-QKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXNMdVFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNREhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeElxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITVoU01iZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDAx2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHnPkC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a43eee7c41e68bf5421e475899bb9c106494ebc6&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e7c5ff03-30f9-4a65-a002-6c6d6ec85164
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 1FC1 0
821 B 87ms
55ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGELb1tc2EiL20SBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXik4ASAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyEyVnNBN1FpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVOalhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYOUhxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTY12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHpOAE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=ca8aea11baa063a797d70d6df710939fc1c3b042&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ca7854c5-f67b-4942-b2d0-da6a8ad5a394
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AFB9 0
0 136ms
79ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021502&jk=2285640823069249&rc=
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 236ms
97ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://kloperd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Sun, 20 Feb 2022 01:14:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 1a Show response
i.clean.gg/ Frame 8ACA 0
15 B 104ms
95ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kloperd.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 8ACA 0
803 B 65ms
56ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKaDOgaBgAAAwDWAAUBCPSrxpAGENyR6Lv7l9yRdRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt-gKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnZ1dmdpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUXpPVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXcklxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIThoVGJjUTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAegu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL_ICEQoGQURWX0lEEgcxODE1MTg38gEUDENQR18BFDQ0MjkzMTU18gIRCgVDUAETNAgzNTk5ODUyN_ICDQoIATwYRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFXEQ8QCwoHQ1AVDhAPCgVJTwFgBAY1ZYYA8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0Mzk12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQx4AADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgkkKPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH7foC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=cadabf24aa16014b666052e59641fa7a414f62af&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dlmsaqvyf%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dlmsaqvyf%26e%3D1070549076851&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3320ff60-a357-4abf-b7cb-19d80f4b3049
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 60ms
59ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=0&tk=1&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F15271120062018314638.jpg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-f%2BooYX5EcAEJWg%3D%3D&sc=1&os=1-8Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=180&w=207&fy=1103&gp=7162.1875&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&id=1&ii=4&f=0&j=&t=1645319668778&de=926228728797&cu=1645319668778&m=584&ar=944fd8091a1-clean&iw=0f4cc90&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=7162.1875&lb=8850&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1284%3A1284%3A0%3A1322&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=21&cd=0&ah=21&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144842%3A167396%3A6856213%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=413781579&cs=0
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 20 Feb 2022 01:14:29 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 7D92 0
821 B 55ms
55ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKSCvBMEgUAAAMA1gAFAQj0q8aQBhC73e7Oo6qliV8YyM2T-9Dvgt0UKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hR2RVDY3q7j4p8WgJJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjH6AWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCLkgL1AyFQMWc4UkFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnd0FGb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FSS29BUU93QVFDNUFhLXZTalcyLVBRLXdRR3ZyMG8xdHZqMFBza0JBQUFBQUFBQThEX1pBUUEJDnBQQV80QUdNeVNMMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0c2QXdsQlRWTXhPalEwTURqZ0E5UXRnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBVzRJcWtGX3RSNDZTWXg3RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGQXZBRm80U0dBdmdGay1WdWdnWURWVk5FaUFZQWtBWUJtQVlBb1FieGFPT0l0ZmprUHFnR0FiSUdKQWtBAV4FAQBCHbsEQmsFEwUBAEMdGEBMZ0dDZy4umgKZASE3UlIyYz75AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDA42gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHx-gF0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a86796d6b25be5f800677402d6ab0307c95b2f77&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cfa3d14e-c733-4708-bf2e-406a108571f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EE6 35 KB
13 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 23:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 23:20:39 GMT

GET
H2 200 B24026431.271681034;dc_ver=84.245;sz=300x250;u_sd=1;gdpr=0;aucid=3972022187226824490;crid=240739539;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%2... Show response
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 0C33 11 B
547 B 139ms
24ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B24026431.271681034;dc_ver=84.245;sz=300x250;u_sd=1;gdpr=0;aucid=3972022187226824490;crid=240739539;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3062143102;ord=d7sb9k;click=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FKuPfZ1w4gD8FYW0bbS14PwAAAMD1KLw_BWFtG20teD8q499nXDiAPyr_n3UidR83Kr6giTF3sRP0lRFiAAAAAODoWAEYKAAA6h8AAAIAAADTZFkOC5olAAAAAABVU0QARVVSACwB-gD2ogAAAAABAQUCAAAAANgAkiKzoQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521yhXkYAjX2NQVENPJ5XIYi7SWASAAKAAxmpmZmZmZuT86CUFNUzE6NDE3NkDULUkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNBTVMxOjQxNzY%3D%2Fbn%3D83808%2Fclickenc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.sgtreport.com%2F$0;xdt=1;crlt=jqG1cX_DtS;gcsr=m;sttr=96;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found 9XKVqMYUAydU.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame CCB7 0
0 382ms
123ms Media
text/html 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/9XKVqMYUAydU.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/9XKVqMYUAydU/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=25067520-

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B949 0
731 B 47ms
47ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 234aafc2-f264-4569-9901-0f909be140e3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 8ACA 0
821 B 47ms
46ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGENyR6Lv7l9yRdRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt-gKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnZ1dmdpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUXpPVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXcklxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIThoVGJjUTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0Mzk12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH7foC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=9fa8b0c3bb58afe48739d7abacfffc51d2cad8a9&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3f785719-1ef1-42f4-8f57-101a5f390e62
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 43ms
43ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 316c7a44152be4655683cd22b6abc5b1ec42c2f755fc06b6a3203209cdc12453

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache
x-server: 10.45.13.211
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
542 B 38ms
38ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 5ab238b6d490e3bca2b20e3f326c87595491a253fe41de7dd2613b76bedba9e3

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Tue, 22 Mar 2022 01:14:29 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
337 B 74ms
74ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3afd488118b9019714ff52272552199e22e0aadc3b9a6f5ad7452fc40f8d8c19

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache
x-server: 10.45.7.85
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
542 B 36ms
36ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 5ab238b6d490e3bca2b20e3f326c87595491a253fe41de7dd2613b76bedba9e3

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Tue, 22 Mar 2022 01:14:29 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 103ms
102ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b3925897ba0d8343ca13c8eba8e415051bde0e4e694c4f0630f931dde7ebff97

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache
x-server: 10.45.13.245
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
542 B 35ms
35ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 5ab238b6d490e3bca2b20e3f326c87595491a253fe41de7dd2613b76bedba9e3

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sgtreport.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Tue, 22 Mar 2022 01:14:29 GMT

GET
H2 200 pp.js Show response
api-54-186-85-70.b2c.com/s/ Frame FAEC 15 KB
6 KB 37ms
24ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-186-85-70.b2c.com/s/pp.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 3751
etag: W/"620fe3a7-3aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B32XHu5C7gHtUYa89iPo5eSEViENiZOWzN%2Bb0Ew2b44NqSQf9qyVXIb%2Bj6mDg%2BWvQYm9yYRPX2SYkVE18E5Ehmajx3NR%2FdNwlzVlVLLAK7cCdI3tGHFWO%2B72B8wHGV9l%2F5wMAz0tZesFRMPhsAe28Fh6Mw7W4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0deee8d0f4e-MXP

GET
H2 200 pp.js Show response
api-3-71-7-237.b2c.com/s/ Frame FAEC 13 KB
5 KB 43ms
31ms Script
text/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-3-71-7-237.b2c.com/s/pp.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822e2805bc659f7831dacca84ce653e94dfa471f11d65213b9a997dffe1dbd4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Dec 2021 19:56:18 GMT
server: cloudflare
age: 5303
etag: W/"61b7a562-331a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrDqqM2zvpT%2FXR712tCM6k%2BxSxRESaqXkaAWILQg55SP%2Br2%2F0ByUR%2Fd8Uh0ndQbq1tsybgkx%2B8KeNJWhCZp5oEq2rDFaWZlFxohFz4SpvNgiSDOkFixzU%2BqHcLUzxrFoZ7HMRsH9vVnEediEB8v9MYJoHmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0def99459a7-MXP

GET
H2 200 c.js Show response
api.b2c.com/s/ Frame FAEC 310 B
488 B 23ms
21ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/c.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 866b3facb1d4b1acfc4fecf2ba23692d0ff94367d44b674b715584d24871d532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5971
etag: W/"620fe3a7-136"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fs1OQlYAGyf%2BFig5TGGBN8F4bxQrU%2FNLE3ccMnzmqQIySRCvG7RLeS7S5ExZGi%2Bl9Q6a3qaWKRaxpyIFDaBb6hUUPtE7Kq9u5uCAMPDvnFZgNemFeiCVSWGJzZudlDCf9oJuFUDZuD30"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0dede7c0f4e-MXP

GET
H2 200 p.js Show response
api.b2c.com/s/ Frame FAEC 2 KB
1 KB 22ms
20ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/p.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ba67bc6135ffeb90987a952eeae79444c0c5f7e599b25503a28809e66eb57f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5894
etag: W/"620fe3a7-943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INX4oW0R0ayf8HJed%2B5O%2BLIclWIhd0KuAmzi5p5K9vbWjiJBw4remQU2RZfNZSFh31TMifnq3hqnX1zKIWiTBrPNc%2FfdXKfrq6LWOVn9i6FgYjuVST94jayintWX4%2BJDu%2BMhPkf5VV5w"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0dede7e0f4e-MXP

GET
H2 200 fpc.js Show response
api.b2c.com/s/ Frame FAEC 8 KB
3 KB 23ms
21ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/fpc.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda3d01c7767b50924adea49b13db6cc586e17d80bb261bdd5fea63f514d6a3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5894
etag: W/"620fe3a7-1f72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FN3q8IDumTyAYL4%2BqjCLG0F1qDbSRGJZIRBpdyWdtgW5l2hERS1NimmlgObU%2BGz4d00jpw6CKJCdDyU%2FBpgcnn8u4ozvAH68zHGrb6aIHSFZuUPo8S8nX%2FU2jvkxHz6aDb6wOyX3dF8"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0dede7f0f4e-MXP

GET
H2 200 fjs.js Show response
api.b2c.com/s/ Frame FAEC 30 KB
13 KB 24ms
22ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/fjs.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f69d6b346d6dc4fad4bece058e8faa55348ef41733d82166d69d64f7a2d6e04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 2203
etag: W/"620fe3a7-79e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BxWEqqk7AXqh7JQJnicfpkvr%2Fqq3AqiZXb0WgN%2Fe0l4o06ZCtvMeHZo%2FRsQDgnRkjnR47u3zWUO2By2tJkvQX8p%2BPh5GdkDZkGGXMcYha9n8Wgyy%2FbhZActTrCOkxUQvA92VNFxbR1c"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0dede800f4e-MXP

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A506 52 KB
17 KB 9ms
8ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=mgblvigba&e=1070549076851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:29 GMT
Age: 76262
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999643
X-Timer: S1645319670.576266,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame FAEC 0
803 B 16ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QL1DfBM9QYAAAMA1gAFAQj0q8aQBhDU7b-h5sjPqwYYqvyCzZjm3dgTKjYJ1uJTAIxngD8RsAuu1fgueD8ZAAAAwPUovD8hsAuu1fgueD8p1uIJJPCaMQAAAEDheoQ_MODR4wo4mFBAkBpIAlDn4euRAViLtJYBYABo9sWyAXjwvQOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDUyMDgwNzMsIDE2NDUzMTk2NjgpO3VmKCdpJywgNjgzNjU3OCwgMTY0NTMxOTY2OCkFHTBnJywgMTcwNjgxODUsQjsAMHMnLCAyNzEwNTg4NjRGHwAwcicsIDMwNTg1MjY0NzYfAPCwkgLhBCFrM1NDZWdpQ2xPQVlFT2ZoNjVFQkdBQWdpN1NXQVRBQk9BQkFBRWlRR2xEZzBlTUtXQUJnaWdab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFjdFZac19nYVlBX3dRSExWV2JQNEdtQVA4a0JBQUFBSUt4djJ6X1pBUUFBQUFBQUFQQV80QUhpb3FFRDlRRmdSQ1E4bUFJQW9BSUN0UUlBASUIdlFJAQfwWEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0phVXJ4OFFCQmdCTGUtUzh6bWlBeE1JXzdHVkh4QUtHQUV0WVgzYlBqSURkVzVyBTQwTF8ta1I4UUN4Z0NMUQFvwEM2QXdsQlRWTXhPak01T0RuZ0E5UXRnQVRONU9RSGlBVFI1T1FIa0FRQW1BUUV3UVEBNQkBCE1rRQkJAQEIRFJCAQcsQUFBd0NGQTJBUUE4LiwAeElnRmxSLVlCYkNQb0lFQnFRWC0xSGpwSmpIc1A3RUYBOAkBCERCQgWYCQEIeVFVCQkQQUFBUU4yKAAAWhUo8ENQQV80QVdoQnZBRm1lR1JDUGdGaWZDOUFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR3F2SFNUV0lRMEQtb0JnU3lCaVFKQQFhCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFhaGFEUj5lAmRJdTBsZ0VnQUNnQU1hcngwazFpRU5BX09nbD1pFGxBMUMxSgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCCBEQUlVQjRBSWsxgNhBOEQ4LtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS_yAhEKBkFEVl9JRBIHbcIw8gISCgZDUEdfSUQSCHGcARUIBUNQARQACXWSEPICDQoIAT4YRlJFURIBMAUQHFJFTV9VU0VSBRAAFQkgTENPREUSCTI1MTUtNTUzNfICFgoIAWIFGAAKBRgsMTYwOTfyAgsKB0NQCRgcAPICEAoFSU8BdAAHjUEY8gIYCgdJTwkhAA0ZOUwtSU_yAhMKD0NVU1RPTV9NT0RFTAE4FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwVCghTUExJVAFNGfnwhoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMzNDQjQU1TMTozOTg52gQCCAHgBAHwBKXGIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBaaKQ_oFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBuEM2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi-BkAAyAfwvQPSBw0VdhgQABgA2gcGCSdE4AcA6gcCCADwB8aZAYoIAhAA&s=bdf4ed2aed6d6d6624f5ae06c4c9d7ddac9d4f05&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dmgblvigba%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Dmgblvigba%26e%3D1070549076851&

Requested by

Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=mgblvigba&e=1070549076851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 57d849ce-cf24-4b57-bed9-17886460aae1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pp.js Show response
api-54-202-241-254.b2c.com/s/ Frame 9A33 15 KB
6 KB 36ms
27ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-202-241-254.b2c.com/s/pp.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 3721
etag: W/"620fe3a7-3aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkiYpkijbcelZYpmTsEwDfBL2kpiATC2geBsqMUulunYO30a02Mp8egzgZPsjDVSHZ6vScGQOV36VMxuDKQoHgQgP%2FmbrzggaWpGFLKr3cjz8Bzln7jowtLnDRcE6M3L9jqSE9DP9KxmCeD2zo9OQ%2B7kuS1JuSsh"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0deee8e0f4e-MXP

GET
H2 200 pp.js Show response
api-3-122-254-151.b2c.com/s/ Frame 9A33 13 KB
5 KB 42ms
33ms Script
text/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-3-122-254-151.b2c.com/s/pp.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822e2805bc659f7831dacca84ce653e94dfa471f11d65213b9a997dffe1dbd4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Dec 2021 19:56:18 GMT
server: cloudflare
age: 1369
etag: W/"61b7a562-331a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TINzACvjbqVe%2FVi4EXIbjSVonshtTSTjfKKVm9H%2BhCezQaNV38LGkVkJVJfPlnRpZTArqpkeesLGTseDi3uZMq1eOQXnVCWgJqLeyeINm4%2BvwiflwJctn2zPMyZlT7GfkMQsqwNg8HSz8MONxH%2BJWdD%2FMX3JtbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0def9ba59a7-MXP

GET
H2 200 c.js Show response
api.b2c.com/s/ Frame 9A33 310 B
472 B 25ms
23ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/c.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 866b3facb1d4b1acfc4fecf2ba23692d0ff94367d44b674b715584d24871d532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5971
etag: W/"620fe3a7-136"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkdHu15MubhUVeiTONeTqr9Of8VmKBqxtGs4N%2BtJjm2bl%2FPYPXvWiu13X7xpLne58CqDG5CI98hPg4Gh4viYs2kzlTEIoX7Cemc24cspQky6p8kxcMJzJNN%2BOwo%2F4G%2BvqEESY%2BDpi2Xg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0deee810f4e-MXP

GET
H2 200 p.js Show response
api.b2c.com/s/ Frame 9A33 2 KB
1 KB 24ms
22ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/p.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ba67bc6135ffeb90987a952eeae79444c0c5f7e599b25503a28809e66eb57f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5894
etag: W/"620fe3a7-943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygucI8uKJ3lA0dq50NRh%2FErdOX6PfTzFikcjIJNRDLbwiIYVco6Rw5coUc03IgSwbSuopGIkCL5nEwUv%2BMxvlZZkY3a5VqAWwmeCPfxckmg8sIzla7jT1%2FKo%2FkYFdUWyHpQbGfpdFXAX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0deee830f4e-MXP

GET
H2 200 fpc.js Show response
api.b2c.com/s/ Frame 9A33 8 KB
3 KB 27ms
25ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/fpc.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda3d01c7767b50924adea49b13db6cc586e17d80bb261bdd5fea63f514d6a3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5894
etag: W/"620fe3a7-1f72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbO80LcjkdRbVQtTovlA3PK6MsGyoj4OmsKe6VliiX9K9knj%2BBgQOeEmYpEt2wH5d0RWRssJWOmznme9Wrzq57KPeRDpyAfloIeIX0nbc70xl5E4u6qh6Ds6c6ms5u3fa5JVaPUbI7SI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0deee850f4e-MXP

GET
H2 200 fjs.js Show response
api.b2c.com/s/ Frame 9A33 30 KB
13 KB 24ms
23ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/s/fjs.js
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f69d6b346d6dc4fad4bece058e8faa55348ef41733d82166d69d64f7a2d6e04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 2203
etag: W/"620fe3a7-79e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67ptFXMFFSQna0v0sK5Lx2ae6FQzCM1G1pN6bNeWVBVjRaRVdgP8GtofzpzCiT5%2Fph4ltERWaxhv4T%2FeoHiK9Sajw5z6VMzmHscH29Xw5%2BArWThLdVOMZklCKz157IAQxBo9wNJ24GkM"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e03e0deee870f4e-MXP

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 685C 52 KB
17 KB 20ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=doqzlmjfh&e=1070549076851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:29 GMT
Age: 76261
X-Served-By: cache-lga21975-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000623
X-Timer: S1645319670.592395,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 9A33 0
803 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QL1DfBM9QYAAAMA1gAFAQj0q8aQBhCr8dfiu_-Ws1gYqvyCzZjm3dgTKjYJ1uJTAIxngD8RsAuu1fgueD8ZAAAAwPUovD8hsAuu1fgueD8p1uIJJPCaMQAAAEDheoQ_MODR4wo4mFBAkBpIAlDn4euRAViLtJYBYABo9sWyAXjHgQOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDUyMDgwNzMsIDE2NDUzMTk2NjgpO3VmKCdpJywgNjgzNjU3OCwgMTY0NTMxOTY2OCkFHTBnJywgMTcwNjgxODUsQjsAMHMnLCAyNzEwNTg4NjRGHwAwcicsIDMwNTg1MjY0NzYfAPCwkgLhBCF3blM0a3dpQ2xPQVlFT2ZoNjVFQkdBQWdpN1NXQVRBQk9BQkFBRWlRR2xEZzBlTUtXQUJnaWdab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFjdFZac19nYVlBX3dRSExWV2JQNEdtQVA4a0JBQUFBSUt4djJ6X1pBUUFBQUFBQUFQQV80QUhpb3FFRDlRRmdSQ1E4bUFJQW9BSUN0UUlBASUIdlFJAQfwWEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0phVXJ4OFFCQmdCTGUtUzh6bWlBeE1JXzdHVkh4QUtHQUV0WVgzYlBqSURkVzVyBTQwTF8ta1I4UUN4Z0NMUQFvwEM2QXdsQlRWTXhPalF4TnpYZ0E5UXRnQVRONU9RSGlBVFI1T1FIa0FRQW1BUUV3UVEBNQkBCE1rRQkJAQEIRFJCAQcsQUFBd0NGQTJBUUE4LiwAeElnRnp5Q1lCYkNQb0lFQnFRWC0xSGpwSmpIc1A3RUYBOAkBCERCQgWYCQEIeVFVCQkQQUFBUU4yKAAAWhUo8ENQQV80QVdoQnZBRm1lR1JDUGdGaWZDOUFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR3F2SFNUV0lRMEQtb0JnU3lCaVFKQQFhCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKZASFYaFl0UXc6ZQJkSXUwbGdFZ0FDZ0FNYXJ4MGsxaUVOQV9PZ2w9aRRWQTFDMUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQggREFJVUI0QUlrMYDYQThEOC7YAgDgApuFTuoCGmh0dHBzOi8vd3d3LnNndHJlcG9ydC5jb20v8gIRCgZBRFZfSUQSB23CMPICEgoGQ1BHX0lEEghxnAEVCAVDUAEUAAl1khDyAg0KCAE-GEZSRVESATAFEBxSRU1fVVNFUgUQABUJIExDT0RFEgkyNTE1LTU1MzXyAhYKCAFiBRgACgUYLDE2MDk38gILCgdDUAkYHADyAhAKBUlPAXQAB41BGPICGAoHSU8JIQANGTlMLUlP8gITCg9DVVNUT01fTU9ERUwBOBQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcFQoIU1BMSVQBTRn58IaAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zMzQ0I0FNUzE6NDE3NdoEAggB4AQB8ASlxiCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWmikP6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0AbhDNoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vgZAAMgHx4ED0gcNFXYYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=31206f1ed50d8a60b2e23356ebebb9e7fe1fe5d7&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ddoqzlmjfh%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ddoqzlmjfh%26e%3D1070549076851&

Requested by

Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=doqzlmjfh&e=1070549076851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4d1ca610-88d1-44ee-b508-b5ba85e9b88e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 0C33 27 KB
9 KB 158ms
117ms Script
text/javascript 108.157.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?sz=300x250&c=2072668300&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=2072668300&sz=300x250&js=st_dapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0aca8f8f8c479c67708efe4b591c2d1dd665a6adcf5881edf5821c10ef3dd879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: cWg663TbZOPypW2v31xfPwZgJ56TZe7CfQF-22stRSmUeI52DOKgVg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 893A 762 B
1 KB 318ms
195ms XHR
application/json 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1187535665396776961&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.eba5affb81872f47ca2d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

7e5d0fc7b9e22b1103c6f495d34a0c78dbed3b538fe64dbb0d2858b5ac2ea82b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"2fa-ARP/pXXLAb7Fk7ZfzlUFb43uRwI"
x-powered-by: Express
access-control-allow-methods: GET
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=158
strict-transport-security: max-age=631138519
content-length: 530
x-xss-protection: 0
x-response-time: 129
server: tsa_f
x-frame-options: SAMEORIGIN
date: Sun, 20 Feb 2022 01:14:29 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ", VZ", VZ, VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 8792d869e5be7f0822439aafc595ff6e34b606bda06533c0f0fedf86a0f9d9b2
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame FAEC 0
821 B 14ms
13ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QK-C_BMvgUAAAMA1gAFAQj0q8aQBhDU7b-h5sjPqwYYqvyCzZjm3dgTKjYJ1uJTAIxngD8RsAuu1fgueD8ZAAAAwPUovD8hsAuu1fgueD8p1uIJJPCaMQAAAEDheoQ_MODR4wo4mFBAkBpIAlDn4euRAViLtJYBYABo9sWyAXjwvQOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDUyMDgwNzMsIDE2NDUzMTk2NjgpO3VmKCdpJywgNjgzNjU3OCwgMTY0NTMxOTY2OCkFHTBnJywgMTcwNjgxODUsQjsAMHMnLCAyNzEwNTg4NjRGHwAwcicsIDMwNTg1MjY0NzYfAPCwkgLhBCFrM1NDZWdpQ2xPQVlFT2ZoNjVFQkdBQWdpN1NXQVRBQk9BQkFBRWlRR2xEZzBlTUtXQUJnaWdab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFjdFZac19nYVlBX3dRSExWV2JQNEdtQVA4a0JBQUFBSUt4djJ6X1pBUUFBQUFBQUFQQV80QUhpb3FFRDlRRmdSQ1E4bUFJQW9BSUN0UUlBASUIdlFJAQfwWEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0phVXJ4OFFCQmdCTGUtUzh6bWlBeE1JXzdHVkh4QUtHQUV0WVgzYlBqSURkVzVyBTQwTF8ta1I4UUN4Z0NMUQFvwEM2QXdsQlRWTXhPak01T0RuZ0E5UXRnQVRONU9RSGlBVFI1T1FIa0FRQW1BUUV3UVEBNQkBCE1rRQkJAQEIRFJCAQcsQUFBd0NGQTJBUUE4LiwAeElnRmxSLVlCYkNQb0lFQnFRWC0xSGpwSmpIc1A3RUYBOAkBCERCQgWYCQEIeVFVCQkQQUFBUU4yKAAAWhUo8ENQQV80QVdoQnZBRm1lR1JDUGdGaWZDOUFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR3F2SFNUV0lRMEQtb0JnU3lCaVFKQQFhCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFhaGFEUj5lAmRJdTBsZ0VnQUNnQU1hcngwazFpRU5BX09nbD1pFGxBMUMxSgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCCBEQUlVQjRBSWsxgPCwQThEOC7YAgDgApuFTuoCGmh0dHBzOi8vd3d3LnNndHJlcG9ydC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDgbEy4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuMjmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzM0NCNBTVMxOjM5ODnaBAIIAeAEAfAEhY8giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFpopD-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG4QzaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOL4GQADIB_C9A9IHDRV2GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a08ba9b1499a6f3ca543cfbaf52b98943927bb34&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e865aa58-3ae0-4c1d-b433-4ebfe4cd7ef2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 9A33 0
821 B 14ms
14ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QK-C_BMvgUAAAMA1gAFAQj0q8aQBhCr8dfiu_-Ws1gYqvyCzZjm3dgTKjYJ1uJTAIxngD8RsAuu1fgueD8ZAAAAwPUovD8hsAuu1fgueD8p1uIJJPCaMQAAAEDheoQ_MODR4wo4mFBAkBpIAlDn4euRAViLtJYBYABo9sWyAXjHgQOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDUyMDgwNzMsIDE2NDUzMTk2NjgpO3VmKCdpJywgNjgzNjU3OCwgMTY0NTMxOTY2OCkFHTBnJywgMTcwNjgxODUsQjsAMHMnLCAyNzEwNTg4NjRGHwAwcicsIDMwNTg1MjY0NzYfAPCwkgLhBCF3blM0a3dpQ2xPQVlFT2ZoNjVFQkdBQWdpN1NXQVRBQk9BQkFBRWlRR2xEZzBlTUtXQUJnaWdab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFjdFZac19nYVlBX3dRSExWV2JQNEdtQVA4a0JBQUFBSUt4djJ6X1pBUUFBQUFBQUFQQV80QUhpb3FFRDlRRmdSQ1E4bUFJQW9BSUN0UUlBASUIdlFJAQfwWEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0phVXJ4OFFCQmdCTGUtUzh6bWlBeE1JXzdHVkh4QUtHQUV0WVgzYlBqSURkVzVyBTQwTF8ta1I4UUN4Z0NMUQFvwEM2QXdsQlRWTXhPalF4TnpYZ0E5UXRnQVRONU9RSGlBVFI1T1FIa0FRQW1BUUV3UVEBNQkBCE1rRQkJAQEIRFJCAQcsQUFBd0NGQTJBUUE4LiwAeElnRnp5Q1lCYkNQb0lFQnFRWC0xSGpwSmpIc1A3RUYBOAkBCERCQgWYCQEIeVFVCQkQQUFBUU4yKAAAWhUo8ENQQV80QVdoQnZBRm1lR1JDUGdGaWZDOUFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR3F2SFNUV0lRMEQtb0JnU3lCaVFKQQFhCQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKZASFYaFl0UXc6ZQJkSXUwbGdFZ0FDZ0FNYXJ4MGsxaUVOQV9PZ2w9aRRWQTFDMUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQggREFJVUI0QUlrMYDwsEE4RDgu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjMzNDQjQU1TMTo0MTc12gQCCAHgBAHwBIWPIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBaaKQ_oFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBuEM2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi-BkAAyAfHgQPSBw0VdhgQABgA2gcGCSdE4AcA6gcCCADwB8aZAYoIAhAA&s=21b8b6c5eff2b872ec01d7fe49dc99fd57396ed0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 573ecd6d-60c6-4074-be08-ab15ef110aa8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame FAEC 83 KB
26 KB 55ms
17ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=__$PP_h&render=explicit

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
via: 1.1 d0eca2095801c087da79efef3ee8a5a8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: W/"3db78dddb0e62e1c5a4e475fcf6ccf9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: TXL50-P3
cf-ray: 6e03e0df984e6961-FRA
x-amz-cf-id: KPYaxwhXGWgol5HldCyqtMKjOzms5ImNOZq7SNXqSzHhYPE_Y1dK1g==

GET
DATA 200
OK truncated
/ Frame FAEC 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A506 0
731 B 16ms
15ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5802eef4-5d98-40ad-93b8-cbb8a3e16425
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame 9A33 83 KB
27 KB 30ms
16ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=__$PP_h&render=explicit

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
via: 1.1 d0eca2095801c087da79efef3ee8a5a8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: W/"3db78dddb0e62e1c5a4e475fcf6ccf9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: TXL50-P3
cf-ray: 6e03e0df98506961-FRA
x-amz-cf-id: KPYaxwhXGWgol5HldCyqtMKjOzms5ImNOZq7SNXqSzHhYPE_Y1dK1g==

GET
DATA 200
OK truncated
/ Frame 9A33 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 685C 0
731 B 21ms
21ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:29 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6de45649-17f3-4a6b-ab24-e467ebab2898
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ad.gif
api-3-71-7-237.b2c.com/s/ Frame FAEC 43 B
377 B 22ms
21ms Image
image/gif 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-3-71-7-237.b2c.com/s/ad.gif
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=mgblvigba&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Dec 2021 19:56:18 GMT
server: cloudflare
age: 5430
etag: "61b7a562-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIdLtjIGNCEM0Zug6jZTR4ZpTu8%2B8%2BoWx7RFtWdoi5BXDUzLu1y3gg8p%2BYp41LOfsWa2yu9HCPzXqsGQvJ76dhNZsrZqnaI5VBzqaDOzmfnq30DoolPUlEMuMtQrTG%2FF%2FLA0QQdhaFbl8IcRQog8wMpuad0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e03e0e00b1e59a7-MXP
content-length: 43

GET
H2 200 ad.gif
api-3-122-254-151.b2c.com/s/ Frame 9A33 43 B
341 B 28ms
27ms Image
image/gif 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-3-122-254-151.b2c.com/s/ad.gif
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=doqzlmjfh&e=1070549076851
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Dec 2021 19:56:18 GMT
server: cloudflare
age: 6304
etag: "61b7a562-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGRQTtqDRYaokHIG1Gd9nIHiMAcAycTbGbhqxcKJByoiRVQrqT%2FYweoTrX6vK%2BZDEUyjOJJo4EDk2POIjlWC42RYF%2Byfg0Kxgywa2hgY2T6ikHJ4cgxcMxnGjlUB%2BFdWzK191UBv0EjPzcp3ruHNQNyzmgNtgk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e03e0e05b9259a7-MXP
content-length: 43

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9EE6 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pQCtog
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D959 52 KB
17 KB 7ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=drqex&e=1070549076851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:30 GMT
Age: 76262
X-Served-By: cache-lga21975-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000625
X-Timer: S1645319670.036469,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 0C33 0
803 B 13ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QLtDPBMbQYAAAMA1gAFAQj0q8aQBhCq_v-sp6TdjzcYqvyCzZjm3dgTKjYJKuPfZ1w4gD8RBWFtG20teD8ZAAAAwPUovD8hBWFtG20teD8pKuMJJPCwMQAAAEDheoQ_MODR4wo4mFBA6j9IAlDTyeVyWIu0lgFgAGj2xbIBeOCOBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA0ODE5MzQzLCAxNjQ1MzE5NjY4KTt1ZignaScsIDQ4MjQ2NjUsIDE2NDUzMTk2NjgpO3VmKCdnJywgMTI3MzQ3MjgsIDE2NDUzHTswcicsIDI0MDczOTUzOTY9APCLkgL9AyFObVFIclFqWDJOUVZFTlBKNVhJWUFDQ0x0SllCTUFBNEFFQUFTT29fVU9EUjR3cFlBR0NLQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQlhHM0VheHc1Z0RfQkFWeHR4R3NjT1lBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWRtOHBnTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE56YmdBOVF0Z0FUZjZjVUVpQVN3N3NzRWtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAVRpQVhRSUtrRl90UjQ2U1l4N0QteEJRCRwBARR3UVdhbVoFAhA1UDhrRgEUHDRHSkh0RF9SLigACDJRVQEb0EFBQUR3UC1BRm1BYndCWWlpaVFiNEJZLVRwZ0tDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCcHFaBV4sYmtfcUFZRXNnWWtDHYAARR0MAEcdDABJHQw4dUFZS5oCmQEheWhYa1lBNgECNGk3U1dBU0FBS0FBeG1wBWtcWnVUODZDVUZOVXpFNk5ERTNOa0RVTFVrAb4JwQAxPTQARhEYDEFBQUcdGABHHRgASB0YDEhnQWkuFQLwgXcuLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS_yAhEKBkFEVl9JRBIHNDgxOTM0M_ICEgoGQ1BHX0lEEggxMjczNDcyOPICCgoFQ1BfSUQSATDyAg0KCEFEVl9GUkVREgEw8gINCghSRU1fVVNFUhIBMPICEQoFIDxDT0RFEgU1MDUzM_ICIwoIAVYFFBgXMDBrM3AwAQFMc2ViNGxBQUFfZGVfNfICCwoHQ1AJJRwA8gIQCgVJTwGJCAc0OGW_GPICHQoHSU8JIQwSMDA2DUZgdWRiM0tBQVHyAhMKD0NVU1RPTV9NT0RFTAE9FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8LABMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjQU1TMTo0MTc22gQCCAHgBAHwBNPJ5XKIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGCSQo8D_QBugp2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi-BkAAyAfgjgXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=878b7afb9002bcae6642d57f496fe920a7ebf3c6&bdref=https%3A%2F%2Fwww.sgtreport.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.sgtreport.com%2F,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ddrqex%26e%3D1070549076851,https%3A%2F%2Fkloperd.com%2Fr%2Fp.html%3Ff%3Ddrqex%26e%3D1070549076851&

Requested by

Host: kloperd.com
URL: https://kloperd.com/r/p.html?f=drqex&e=1070549076851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: afc26724-b11d-4067-a772-bce0d4b4a424
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 893A 43 B
379 B 117ms
117ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1645319670091%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227eaf60f%3A1644956708753%22%2C%22item_ids%22%3A%5B%221187535665396776961%22%5D%2C%22item_details%22%3A%7B%221187535665396776961%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Sun, 20 Feb 2022 01:14:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9ea5fe420dbcff773b9e37c95229f09f6ec320f6da2fe7f8487b7d7afaf7eee0
x-transaction: 20b9c1b7015d83aa
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 16:07:27 GMT
x-content-type-options: nosniff
age: 292023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15556
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 16:07:27 GMT

GET
H3 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:18:08 GMT
x-content-type-options: nosniff
age: 395782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 11:18:08 GMT

GET
H/1.1

200
OK

4 Show response
v4-api-3-71-7-237.b2c.com/api/ Frame FAEC
Redirect Chain

https://api-3-71-7-237.b2c.com/api/x?efx5dRmGVy5ghV9s$cGljYXNzbyQwJGMxYjJlMDAyIiwicGljYXNzby10aW1lJDAkMTUuNCIsInVybCQwJGh0dHBzOi8va2xvcGVyZC5jb20vci9wLmh0bWw_Zj1tZ2JsdmlnYmEmZT0xMDcwNTQ5MDc2ODUxIiw...
https://v4-api-3-71-7-237.b2c.com:444/api/4?efx5dRmGVy5ghV9s

0
141 B

33ms
8ms

XHR
text/plain

3.71.7.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-3-71-7-237.b2c.com:444/api/4?efx5dRmGVy5ghV9s
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Server: 3.71.7.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-7-237.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *

Redirect headers

date: Sun, 20 Feb 2022 01:14:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-3-71-7-237.b2c.com:444/api/4?efx5dRmGVy5ghV9s
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mECRRkTXnxoY2KsSSffMuYOLHOuXr5%2BQW%2F%2FVqbhibqbKskPAEgcoF0R5kK8pJGH8bhIqceKGDSGMtc83nn3yAwzq8BoNKfbaHmq%2FH2a1XcuZgR3x8%2FEsnAWs5yBNLG%2FA4qGceLGOlixJETrjlMbRd3zDKwM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e03e0e3ac86839c-MXP

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 0C33 0
821 B 24ms
24ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QK4CvBMOAUAAAMA1gAFAQj0q8aQBhCq_v-sp6TdjzcYqvyCzZjm3dgTKjYJKuPfZ1w4gD8RBWFtG20teD8ZAAAAwPUovD8hBWFtG20teD8pKuMJJPCwMQAAAEDheoQ_MODR4wo4mFBA6j9IAlDTyeVyWIu0lgFgAGj2xbIBeOCOBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCA0ODE5MzQzLCAxNjQ1MzE5NjY4KTt1ZignaScsIDQ4MjQ2NjUsIDE2NDUzMTk2NjgpO3VmKCdnJywgMTI3MzQ3MjgsIDE2NDUzHTswcicsIDI0MDczOTUzOTY9APCLkgL9AyFObVFIclFqWDJOUVZFTlBKNVhJWUFDQ0x0SllCTUFBNEFFQUFTT29fVU9EUjR3cFlBR0NLQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQlhHM0VheHc1Z0RfQkFWeHR4R3NjT1lBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWRtOHBnTDFBYzNNekQyWUFnQ2dBZ0cxQWcBIwRDOQkI8FVEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE56YmdBOVF0Z0FUZjZjVUVpQVN3N3NzRWtBUUJtQVFCd1FRQQFiBQEITWtFBQgFARhEWUJBRHhCBQwJAVRpQVhRSUtrRl90UjQ2U1l4N0QteEJRCRwBARR3UVdhbVoFAhA1UDhrRgEUHDRHSkh0RF9SLigACDJRVQEb0EFBQUR3UC1BRm1BYndCWWlpaVFiNEJZLVRwZ0tDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCcHFaBV4sYmtfcUFZRXNnWWtDHYAARR0MAEcdDABJHQw4dUFZS5oCmQEheWhYa1lBNgECNGk3U1dBU0FBS0FBeG1wBWtcWnVUODZDVUZOVXpFNk5ERTNOa0RVTFVrAb4JwQAxPTQARhEYDEFBQUcdGABHHRgASB0YDEhnQWkuFQLw13cuLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0FNUzE6NDE3NtoEAggB4AQB8ATTyeVyiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAkOcNgFAeAFAfAFpMYq-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBugp2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi-BkAAyAfgjgXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=d476962836427e729dfca608c63cd636db7d0ad8&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3258044291673512007&vd=ct~0|rr~0&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bfff9bc7-fc29-4cb2-a153-74f57122dfde
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 zrp43w3j_normal.jpg
pbs.twimg.com/profile_images/1495085798907158529/ Frame 893A 2 KB
3 KB 51ms
50ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1495085798907158529/zrp43w3j_normal.jpg

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE8) /

Resource Hash

c3291977e0065193f0b811f415be25fa0e6deb5779795cf66fea34b60d225261

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
x-content-type-options: nosniff
age: 28461
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2187
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/4 profile_images/1495085798907158529
last-modified: Sat, 19 Feb 2022 17:18:06 GMT
server: ECS (mil/6CE8)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5d5a35ecff1cc0f3315d333dcd41790a1533e0aaea6a3bb592260a27be193781
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1

200
OK

4 Show response
v4-api-3-122-254-151.b2c.com/api/ Frame 9A33
Redirect Chain

https://api-3-122-254-151.b2c.com/api/x?AAppOZbRMfvsNzrG$cGljYXNzbyQwJGMxYjJlMDAyIiwicGljYXNzby10aW1lJDAkMTEuMyIsInVybCQwJGh0dHBzOi8va2xvcGVyZC5jb20vci9wLmh0bWw_Zj1kb3F6bG1qZmgmZT0xMDcwNTQ5MDc2ODUx...
https://v4-api-3-122-254-151.b2c.com:444/api/4?AAppOZbRMfvsNzrG

0
141 B

60ms
27ms

XHR
text/plain

3.122.254.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-3-122-254-151.b2c.com:444/api/4?AAppOZbRMfvsNzrG
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: HTTP/1.1
Server: 3.122.254.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-254-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *

Redirect headers

date: Sun, 20 Feb 2022 01:14:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-3-122-254-151.b2c.com:444/api/4?AAppOZbRMfvsNzrG
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7OI8Huh7KhoK45JawBSOcwePElxVP1QmcusM8u9c1%2BEwzfyDd1uFkOJ0Xxv9vMpbXcskR5YYVrmP2aykMDb%2FDJ%2FAJwcam0iSSx%2B4lRO9odxbxV9vacCNFYSrTNCcYXo7YjfadCIhEzz1M%2BYWg6mDA73VVDkzLY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e03e0e3dcfa839c-MXP

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame C0C7 2 KB
1 KB 27ms
18ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=__$PP_h&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-type: text/html
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Iur2OT78CyWM6ZXLEdiTslSQ32Knnot-heZb3UOc-CI8CkQPxjLlXw==
age: 62391
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e03e0e3ed816961-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame 8F40 2 KB
1 KB 21ms
13ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=__$PP_h&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-type: text/html
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: FCruptqrt_GLFFruiHptHnbN8ct-JrPKaalDF6hU9n86s9mBHk5GCA==
age: 62391
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e03e0e3ed7c6961-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame A243 2 KB
1 KB 20ms
17ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=__$PP_h&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-type: text/html
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Iur2OT78CyWM6ZXLEdiTslSQ32Knnot-heZb3UOc-CI8CkQPxjLlXw==
age: 62391
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e03e0e3ed7e6961-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/static/ Frame 2FF4 2 KB
1 KB 15ms
13ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=__$PP_h&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-type: text/html
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: FCruptqrt_GLFFruiHptHnbN8ct-JrPKaalDF6hU9n86s9mBHk5GCA==
age: 62391
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e03e0e3ed806961-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
c.mgid.com/pv/ 0
303 B 31ms
23ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1645319670380599363846&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&lu=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=621195f6-0c9a2&pageView=1&pvid=17f14b1ca6c8b1d9d5a&site=45762&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372839.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6e03e0e3fb5b92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 145D 0
821 B 80ms
80ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEIGL8bOG_oyqVxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjc7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnRIdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNRERnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXb0xha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZoU3Zidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEJBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODAw2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH3OwD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=67e7ea39fb25f3fd39a50e50c853a021dfad68cc&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a81ca916-c336-4db4-9bc8-333fc5db04d5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame C6F9 0
821 B 27ms
27ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEMbIytzIsYL0PxgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjH7AOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFyMXY5MUFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVTRNampnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYRUxha0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo1ODI42gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHx-wD0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=ab155c35cdfba434bd92fa3b9ea9736a55a07c63&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3e37e827-1c01-4931-b209-03ef37cdf655
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame F47E 0
821 B 14ms
13ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEL698dfpvIKcGBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt5wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFqVnRWdndpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qVXdORFBnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeko2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YQExnR0NnLi6aApkBITZSUmRiPv0BZEl1MGxnRWdBQ2dBTWZGbzQ0aTEtT1EtT2dsPUkUTkExQzFKBV0YQUFBOEQ5UgEICQEEQloJCAEBBEJoAQYJAQRCcAkIAQEEQngBBgkBEEI0QUlrLmQB8Ncu2AIA4AKbhU7qAhpodHRwczovL3d3dy5zZ3RyZXBvcnQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA4GxMuADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0yMTcuNjQuMTUxLjI5qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMxOjUwNDPaBAIIAeAEAfAEpuXBkwGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi-BkAAyAft5wXSBw0JEToYEAAYANoHBgknROAHAOoHAggA8AfGmQGKCAIQAA..&s=1ef3d86514231108cc54682c84bad04a72b1c852&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cb411bbf-ab7b-4be6-961e-d6bec4973558
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame AE51 0
821 B 13ms
13ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEJ-opZbx9cv6BRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXip2wSAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXRpdlFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVPVG5nQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXZkg2a0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIS14UmFkQTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGxBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTk52gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHqdsE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=e00243783dff9871a9ade3b5f4ba2ee23b6714ae&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: aa3c2d9d-3e15-4e88-8dc2-3fbf7f67487b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame DFFB 0
821 B 13ms
13ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGENXs1dOO0eH5dRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXin6AWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFsbHZteEFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXX0lxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITZ4VHJidzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDE12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHp-gF0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a7c052ec2ab675d2c086ca531c3dea0d9fcbac77&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 931735dd-88a3-45c0-a5e7-8b3217bb349c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 1FC1 0
821 B 13ms
13ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGELb1tc2EiL20SBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXik4ASAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyEyVnNBN1FpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qTTVOalhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFYOUhxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITlCUnRjZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTozOTY12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHpOAE0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=ca8aea11baa063a797d70d6df710939fc1c3b042&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: db061cb2-abbf-4940-8cbe-08f0c9472c9a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 69EE 0
821 B 25ms
14ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGEICH8ZzDv46NcBgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXic-QKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFnMXNMdVFpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUTBNREhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXeElxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBITVoU01iZzr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFEZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0NDAx2gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgHnPkC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a43eee7c41e68bf5421e475899bb9c106494ebc6&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0fbd79da-f965-4b62-b706-7cb00dfa9b1e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D959 0
731 B 15ms
15ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: acec65d3-7a07-4b71-bfb6-e6ed0be07707
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B93 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021502&jk=2285640823069249&bg=!ExClEFTNAAbf-5Dq3_s7ACkAdvg8Wv1G17Zq20DOqcCUQsszS4B-aZhIpdZ_CcMi_OTbsGyRORjIJwIAAAKyUgAAAAJoAQeZAwtpoYmHn74LUOUGXAJZunZbOskmWfP7nX29oJYOKe6y49MjY1OwogXKCETGUH-Ufm047FnukCdvSvVksHvH6r7Kh0ZXdzKE0so7eTQwKrOh8wkjcEbQvyBPHZxQvo4a4kVpptZQ4lZsDBl2l_bUBr2lZC5BwHYKRYuq-H5X1QmVJAIhZ7MGjXgp8nbbcFx55I8z-kwsTzWHipqJ5gFURC_8qeVGLS5Xun9dPY8ftwtZ_Fe_0AgOmQxrCCBMNBV5i0N2riVIHzvFQ9pNRXmp1oI0I-rdQFD7cJiQM3Cu3L-R365LCm3RDvJlg-kI0UlWnXk0Mbg3ZVKtzt1BwteaswGevu3kBzt5pthrwO0wR2kP8ZleOSxoQB-cX_sV12Pk82zVaYzMv9aTGC_-6RbW5jB_MxYyRiy2OBwqlF0ldNmAHYJ1Te2T2uJdXfcSW2PAuYgJKwbV5_pe1RiopFiyb_pCLt47zuTQs9v5NpYJukFXHgZxb0PTvxW0re20eTDcy9jBdiUNmknGy-8xLPgTJgqSOLAXDnyOrnq1M8kAC8bTNfyK2JLN39dsXU-dGqTFRwaTPMTFtJMn3FaY3CWmozv0b8fOhnjiMQUMNNaaWCqrJttUgzA_zUAtPK_qRiplaGFxJV_RcHfejXqDgsYuGVBrz9YWGB8XyHWhxN1eTkWqzH4-dJ_meA5x-Xxuz_74t32-CYmOmmtCPEve1mWIc5_DOx7Nz6_RT-t7gOxkY6G1v2Qb2sTsAGFv0g2m5jU5KV_xe-2k74IKxLsyT7UItGM11maWvvxgZomSNnhBZL5lLJpkiss-tuAq01V9mVqr1_SjOQTPOnmV-zNBSraNZ-OD7CgYWuwdJ-9jszg2P4s9yBPMGaXV0OsutK6oPAvschk-oNFjCvCsyOKQjxmE40tHiCAiKFJ5Ies9_nwveliHECNqAxOhtjR-YYx4eoHNENGLpG5c8lnnmfooVpN3TKYGMvQroIs_02S1gPpZeh0Ba-iBEeHBj0nK98muJ6pexw8QP0c4PSGAXSH1XA

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 7KtixRT9tVfw.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame ED0B 2 MB
2 MB 4718ms
4455ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/7KtixRT9tVfw.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/7KtixRT9tVfw/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash: ae1355341daa923bf2f84a58dbea51cfe3fba998366225d91e0135ebf011c4ad

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=46661632-

Response headers

Date: Sun, 20 Feb 2022 01:14:34 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 46661632-48242808/48242809
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 1581177

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B949 0
731 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8bf5d6ac-6fa3-4d28-aabc-a8e321c2ceeb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 20ms
19ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 6310
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6e03e0e439d25b98-FRA
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 24ms
23ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 6310
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8KE49RBWCJ5QH1AR
x-amz-id-2: zZ6zE08YJcPOjxt60oq3ijyDWaqYBQ/hC6Rayp7+3fbs91ub4rGX09ngQCecW1G6ZJIu8n5/R7w=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6e03e0e439d35b98-FRA
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H3 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame 2FF4 151 KB
47 KB 64ms
49ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62391
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47886
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: "b88aa12fdb3081df3c3188598478f007"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 6e03e0e45ec55bfd-FRA
x-amz-cf-id: TmV2TFeg8ZrQt_FKQx2yWpyahjcPF8NdXv3VPgQJ8pVj6ShHDw0lyQ==

GET
H3 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame 8F40 151 KB
47 KB 92ms
81ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-checkbox.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62391
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47886
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: "b88aa12fdb3081df3c3188598478f007"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 6e03e0e45ebd5bfd-FRA
x-amz-cf-id: TmV2TFeg8ZrQt_FKQx2yWpyahjcPF8NdXv3VPgQJ8pVj6ShHDw0lyQ==

GET
H3 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame A243 208 KB
60 KB 45ms
35ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62391
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60785
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: "3f5cf3f58a9b58a4506ae9dd004186ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 6e03e0e45ec25bfd-FRA
x-amz-cf-id: bCQer4707ciM3atRiYnexMj5j8Gtu-pSmF7iYnUXtt1vdvJksQAtNA==

GET
H3 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/e61b2d8/ Frame C0C7 208 KB
60 KB 102ms
93ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
Origin: https://newassets.hcaptcha.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62391
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60785
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 07:44:18 GMT
server: cloudflare
etag: "3f5cf3f58a9b58a4506ae9dd004186ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
cf-ray: 6e03e0e45eb85bfd-FRA
x-amz-cf-id: bCQer4707ciM3atRiYnexMj5j8Gtu-pSmF7iYnUXtt1vdvJksQAtNA==

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 8ACA 0
821 B 24ms
24ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QKOCugOBQAAAwDWAAUBCPSrxpAGENyR6Lv7l9yRdRgAKjYJ8WjjiLX49D4RR2RVDY3q7j4ZAAAAwPUovD8hRw0SACkRJPCVMQAAAEDheoQ_MODR4wo4mFBApgZIAlCm5cGTAViLtJYBYABo9sWyAXjt-gKAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCWHVmKCdhJywgMTgxNTE4NywgMTY0NTMxOTY2OCk7dWYoJ2knLCA1NjY0MTIsIDE2NDUzMTk2ERwwcicsIDMwOTM1OTI3MDYfAPCQkgL5AyFpVnZ1dmdpX2xwVVJFS2Jsd1pNQkdBQWdpN1NXQVRBRU9BQkFBRWltQmxEZzBlTUtXQUJnX19fX193OW9BSEFCZUFHQUFRR0lBUUdRQVFHWUFRR2dBUktvQVFPd0FRQzVBYS12U2pXMi1QUS13UUd2cjBvMXR2ajBQc2tCQUFBQUFBQUE4RF9aQVFBQQUPcFBBXzRBR015U0wxQWF6Rkp6ZVlBZ0NnQWdDMUFnASIEQzkJCPBMREFBZ0hJQWdIUUFnSFlBZ0hnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNeE9qUXpPVFhnQTlRdGdBUUFpQVFBa0FRQW1BUUJ3UVEBWQkBCE1rRQkJAQEYRFlCQUR4QgELDQFUaUFXcklxa0ZfdFI0NlNZeDdELXhCUQ0dFEFBQXdRVQEHCQEITWtGCQkBAQREUi4oAAAyLigA8D5PQUZBdkFGbzRTR0F2Z0ZrLVZ1Z2dZRFZWTkVpQVlBa0FZQm1BWUFvUWJ4YU9PSXRmamtQcWdHQWJJR0pBa0EBXgUBAEIduwRCawUTBQEAQx0YRExnR0NnLi6aApkBIThoVGJjUTr9AWRJdTBsZ0VnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBMUMxSgVdGEFBQThEOVIBCAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJay5kAfDXLtgCAOACm4VO6gIaaHR0cHM6Ly93d3cuc2d0cmVwb3J0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOBsTLgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS4yOagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMTo0Mzk12gQCCAHgBAHwBKblwZMBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXhqBz6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4vgZAAMgH7foC0gcNCRE6GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=9fa8b0c3bb58afe48739d7abacfffc51d2cad8a9&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=3258044291673512007&vd=ct~0|rr~6&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 59dbd7cc-822d-4df0-ae10-c72bb56bd512
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/372839/ 5 KB
2 KB 53ms
34ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/372839/1?pv=5&cbuster=1645319670493833681148&niet=4g&nisd=false&jsv=es6&w=225&h=633&cols=2&ref=&cxurl=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&lu=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=621195f6-0c9a2&pageView=1&pvid=17f14b1ca6c8b1d9d5a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372839.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b815a2c451b60329fafaf475f73f17e239e5623814ce8e54b7baf308945ec477

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6e03e0e4bcad92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jot
syndication.twitter.com/i/ Frame 893A 43 B
124 B 124ms
123ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1645319670507%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227eaf60f%3A1644956708753%22%2C%22item_ids%22%3A%5B%221187535665396776961%22%5D%2C%22item_details%22%3A%7B%221187535665396776961%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A2424.1000003814697%7D

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Sun, 20 Feb 2022 01:14:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9ea5fe420dbcff773b9e37c95229f09f6ec320f6da2fe7f8487b7d7afaf7eee0
x-transaction: 10c464bed8d8114e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/372834/ 21 KB
8 KB 138ms
138ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/372834/1?w=789&h=2640&cols=3&pv=5&cbuster=1645319670527161170713&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&lu=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&sessionId=621195f6-0c9a2&pageView=0&pvid=17f14b1ca6c8b1d9d5a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372834.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 510684c77031cc7dc17c50127e886adeb71748c0c25e17174de1eee9b838650e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6e03e0e4dcdc92b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame EB33 90 KB
28 KB 98ms
52ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
DATA 200
OK truncated
/ Frame 8F40 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame 8F40 508 B
857 B 21ms
21ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=kloperd.com&sitekey=2df1732c-ecfd-49a6-a24a-43399e9769af&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf36f22646bf17d023b25e6816bc087a7c255ace343d9fab472ca2cd744dca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6e03e0e598405bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 49ms
34ms Preflight 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=kloperd.com&sitekey=2df1732c-ecfd-49a6-a24a-43399e9769af&sc=1&swa=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e03e0e57b9d927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 2FF4 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 4786 90 KB
28 KB 21ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 25AB 90 KB
28 KB 38ms
38ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 0CE3 90 KB
28 KB 52ms
52ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame 2FF4 508 B
858 B 21ms
20ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=kloperd.com&sitekey=2df1732c-ecfd-49a6-a24a-43399e9769af&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7ac0796360a1429b20a753964ed8bd378f033322e991399648c81c291f697f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 6e03e0e5a8575bfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 12ms
12ms Preflight 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=e61b2d8&host=kloperd.com&sitekey=2df1732c-ecfd-49a6-a24a-43399e9769af&sc=1&swa=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e03e0e59bd5927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 75B9 90 KB
28 KB 58ms
58ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 8C7A 90 KB
28 KB 57ms
57ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/328x328/30x199x632x632/ 31 KB
31 KB 350ms
322ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193499/328x328/30x199x632x632/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1645319670-6Dc_mKfqMbDcfm-cvdFiye4XoGqoV8dxAx4_BxVO4xM
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d470c02b2e1a364053b46a69ea8d7bc4f32a38118f3af3149a8ffa10acc1ab5

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:53:24 GMT
x-mg-request-uuid: 1455e072-632b-4d1b-aaae-d3f7a00c2ac1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e5dee98fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31820
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2U1YTBhNjczOTQzYWNlYTA3OTU3OWEyZGI1ZDlmOGY4LmpwZWc.webp
s-img.mgid.com/g/3931460/328x328/147x8x328x328/ 8 KB
8 KB 321ms
293ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3931460/328x328/147x8x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2U1YTBhNjczOTQzYWNlYTA3OTU3OWEyZGI1ZDlmOGY4LmpwZWc.webp?v=1645319670-vRcmN3AXAw6vXse04LhgauT5oseYvjoa32KPqKbUkAo
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50fe5b3cb60fc41a4bc41517e7886d035a25e0929870cb439d99479528175279

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:49:45 GMT
x-mg-request-uuid: 85f22c2b-eae7-4aaf-8a05-7b818afc0959
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e5deeb8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8338
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvMTAxOTI0LzE2YTc2MzI5MDNjMTgzMTcwM...
s-img.mgid.com/g/11533493/328x328/-/ 5 KB
5 KB 306ms
278ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533493/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvMTAxOTI0LzE2YTc2MzI5MDNjMTgzMTcwMzkwNjIxNjVmMGRmNDIzLmpwZWc.webp?v=1645319670-vBsR3hTxcvWO06kEJKzEtPsVlYUsN7RiiivFPFQeNbM
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 234b79b1ef625568c31211f05bfa5f7c13207911dae348f7c4d60b5895ea1041

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:34:44 GMT
x-mg-request-uuid: 6edb3b73-6529-4397-a888-a3f337b222ed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e5deed8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4656
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2YyMTgyZmY3NjM0ZWM1NjU4Z...
s-img.mgid.com/g/11533318/328x328/-/ 13 KB
13 KB 358ms
331ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533318/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2YyMTgyZmY3NjM0ZWM1NjU4ZDE0ZWIwMGQ3NGViZTEyLmpwZWc.webp?v=1645319670-gGgoVTDeK-nDSFy3Wd8b653uALnoD64HFK3s5tUmKAI
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47231f968a1a1bb001211d6740be108b3c1c21f16b11dfc9ecb08d8d124f132c

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:24:30 GMT
x-mg-request-uuid: b5db18a0-5391-4c70-b96f-c99bb0c47a3d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e5deee8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12936
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp
s-img.mgid.com/g/8164899/328x328/0x0x564x564/ 22 KB
23 KB 315ms
288ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164899/328x328/0x0x564x564/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1645319670-2W1WBmAlpvxHUo2eR5mNqgemhwxebHls6cGwjvL4QR8
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf1b7efc40a26542b0709391af5fef2b01f487975f3e70385d566295d671231

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:49:25 GMT
x-mg-request-uuid: dd610e18-e8d9-471b-997b-c9e9ad6f2906
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e5deef8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22962
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzMwNjJlNTEyMjE5M2JkNzg4Z...
s-img.mgid.com/g/11739867/328x328/-/ 11 KB
11 KB 565ms
538ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739867/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzMwNjJlNTEyMjE5M2JkNzg4ZGRiNTQ0ZjI3OGY5NzFkLnBuZw.webp?v=1645319670-WIav6759oWu01vjJunAWRQBMdy68SNIAzkwl6xC2EBM
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b3421fd8dfd17d1a25e0b129c178432707d25382268c0915cbe6987b60b50c

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:53:16 GMT
x-mg-request-uuid: 12cf71c4-fc2a-4705-b59d-d9ad61b176b6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e5def08fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10802
server: cloudflare

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4F92 13 KB
5 KB 20ms
20ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2365
date: Sun, 20 Feb 2022 01:14:29 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame EB33 90 KB
28 KB 74ms
34ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 219E 90 KB
28 KB 37ms
33ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A506 0
731 B 15ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5c37eb7c-0b9f-4455-a3ab-27d79d753700
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/16f83349/ Frame C0C7 919 KB
347 KB 17ms
17ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/16f83349/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
via: 1.1 7279057aafa9070c677136c3d9c68912.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84196
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 01:45:41 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: CDG50-P1
cf-ray: 6e03e0e5d88a5bfd-FRA
x-amz-cf-id: lT3tQU64kse-HtxVkfryZ5mAoYwg1Mcs56d4D5T0w-UQeK0c1xrGgg==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3245 13 KB
5 KB 35ms
34ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 6530
date: Sun, 20 Feb 2022 01:14:29 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 4786 90 KB
28 KB 115ms
96ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 40 KB
7 KB 225ms
61ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372834.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Fri, 21 Jan 2022 08:57:47 GMT
server: nginx
etag: "a089-5d613d01797c6-gzip"
vary: Accept-Encoding
x-cached-since: 2022-01-21T09:04:54+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 6903
expires: Sat, 21 Jan 2023 09:04:54 GMT

GET
H2 200 mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 24 KB
3 KB 226ms
63ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372834.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 08:55:19 GMT
server: nginx
etag: "6184-5cd0a5f7ec588-gzip"
vary: Accept-Encoding
x-cached-since: 2022-02-04T10:11:21+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 3405
expires: Sat, 04 Feb 2023 10:11:21 GMT

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/16f83349/ Frame A243 919 KB
347 KB 33ms
33ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/16f83349/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
via: 1.1 7279057aafa9070c677136c3d9c68912.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84196
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Feb 2022 01:45:41 GMT
server: cloudflare
etag: W/"777d618166357c7ea8c00b987c3ad278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: CDG50-P1
cf-ray: 6e03e0e5f8a75bfd-FRA
x-amz-cf-id: lT3tQU64kse-HtxVkfryZ5mAoYwg1Mcs56d4D5T0w-UQeK0c1xrGgg==

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame D9BD 90 KB
28 KB 38ms
37ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0794 13 KB
5 KB 42ms
42ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4577
date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 25AB 90 KB
28 KB 101ms
101ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame FAEC 0
821 B 38ms
38ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.sgtreport.com%2F&e=wqT_3QK-C_BMvgUAAAMA1gAFAQj0q8aQBhDU7b-h5sjPqwYYqvyCzZjm3dgTKjYJ1uJTAIxngD8RsAuu1fgueD8ZAAAAwPUovD8hsAuu1fgueD8p1uIJJPCaMQAAAEDheoQ_MODR4wo4mFBAkBpIAlDn4euRAViLtJYBYABo9sWyAXjwvQOAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDUyMDgwNzMsIDE2NDUzMTk2NjgpO3VmKCdpJywgNjgzNjU3OCwgMTY0NTMxOTY2OCkFHTBnJywgMTcwNjgxODUsQjsAMHMnLCAyNzEwNTg4NjRGHwAwcicsIDMwNTg1MjY0NzYfAPCwkgLhBCFrM1NDZWdpQ2xPQVlFT2ZoNjVFQkdBQWdpN1NXQVRBQk9BQkFBRWlRR2xEZzBlTUtXQUJnaWdab0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFjdFZac19nYVlBX3dRSExWV2JQNEdtQVA4a0JBQUFBSUt4djJ6X1pBUUFBQUFBQUFQQV80QUhpb3FFRDlRRmdSQ1E4bUFJQW9BSUN0UUlBASUIdlFJAQfwWEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0phVXJ4OFFCQmdCTGUtUzh6bWlBeE1JXzdHVkh4QUtHQUV0WVgzYlBqSURkVzVyBTQwTF8ta1I4UUN4Z0NMUQFvwEM2QXdsQlRWTXhPak01T0RuZ0E5UXRnQVRONU9RSGlBVFI1T1FIa0FRQW1BUUV3UVEBNQkBCE1rRQkJAQEIRFJCAQcsQUFBd0NGQTJBUUE4LiwAeElnRmxSLVlCYkNQb0lFQnFRWC0xSGpwSmpIc1A3RUYBOAkBCERCQgWYCQEIeVFVCQkQQUFBUU4yKAAAWhUo8ENQQV80QVdoQnZBRm1lR1JDUGdGaWZDOUFvSUdBMVZUUklnR0JKQUdBWmdHQUtFR3F2SFNUV0lRMEQtb0JnU3lCaVFKQQFhCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFhaGFEUj5lAmRJdTBsZ0VnQUNnQU1hcngwazFpRU5BX09nbD1pFGxBMUMxSgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCCBEQUlVQjRBSWsxgPCwQThEOC7YAgDgApuFTuoCGmh0dHBzOi8vd3d3LnNndHJlcG9ydC5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDgbEy4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuMjmoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMzM0NCNBTVMxOjM5ODnaBAIIAeAEAfAEhY8giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFpopD-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG4QzaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOL4GQADIB_C9A9IHDRV2GBAAGADaBwYJJ0TgBwDqBwIIAPAHxpkBiggCEAA.&s=a08ba9b1499a6f3ca543cfbaf52b98943927bb34&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=0.8&sid=3258044291673512007&vd=ct~0|rr~5&sv=223&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22604000&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/223/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8caaed64-97fb-479e-90a9-c8291a965cfa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://kloperd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 685C 0
731 B 54ms
54ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:30 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 96fccb65-da0b-4470-b217-5a6f52acddd1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4F92
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=lcX_13w5WWN3TVJsUko1RHdjVktGQTE1NVRhUGFTbURlcE9DaG9iZm9QVmkzN1FONkJXS1JQL2ZQQ2RJNEhGNzVtc0plT09FMFdNNnVLRVBEYm9oSUhzUmZxc1lpaVRZZGN3czViT0xuMktHbnZuczd0M3hoSnFuZVI4UT...

436 B
635 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lcX_13w5WWN3TVJsUko1RHdjVktGQTE1NVRhUGFTbURlcE9DaG9iZm9QVmkzN1FONkJXS1JQL2ZQQ2RJNEhGNzVtc0plT09FMFdNNnVLRVBEYm9oSUhzUmZxc1lpaVRZZGN3czViT0xuMktHbnZuczd0M3hoSnFuZVI4UTNuNU1panVSaHYwQUZZZXF5WWFGc3NaYng5ME9NQmY3YVptRmtINGZlWW5lZndIVUplVnpVa0pvTTVnQUhBNkk1cXBjWDd1eFBZVGR1OTRwMW95Y0ZLZTlOdDUrWklkYktoc1RjVGFKcnZJU0c4ejlOdW9jQkYxcFRqcC9xekVaTnJLOGlnZWtMMGlZRytYaUVROUREeVUvUVUxbkhsQXkyclZXKyt3QXZtOU1MaVNMdHpFaz18&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

693ca9f6b483ca2d55117ffa494fb0058219304dc378001bd709c65613becc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:29 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4221
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=lcX_13w5WWN3TVJsUko1RHdjVktGQTE1NVRhUGFTbURlcE9DaG9iZm9QVmkzN1FONkJXS1JQL2ZQQ2RJNEhGNzVtc0plT09FMFdNNnVLRVBEYm9oSUhzUmZxc1lpaVRZZGN3czViT0xuMktHbnZuczd0M3hoSnFuZVI4UTNuNU1panVSaHYwQUZZZXF5WWFGc3NaYng5ME9NQmY3YVptRmtINGZlWW5lZndIVUplVnpVa0pvTTVnQUhBNkk1cXBjWDd1eFBZVGR1OTRwMW95Y0ZLZTlOdDUrWklkYktoc1RjVGFKcnZJU0c4ejlOdW9jQkYxcFRqcC9xekVaTnJLOGlnZWtMMGlZRytYaUVROUREeVUvUVUxbkhsQXkyclZXKyt3QXZtOU1MaVNMdHpFaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2038
content-length: 567
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BB56 13 KB
5 KB 37ms
35ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3225
date: Sun, 20 Feb 2022 01:14:29 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 0CE3 90 KB
28 KB 110ms
110ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 4084 90 KB
28 KB 51ms
50ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 0
62 B 216ms
196ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1645319670733753810866
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372839.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6e03e0e63f5592b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4BE7 13 KB
5 KB 53ms
49ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4888
date: Sun, 20 Feb 2022 01:14:29 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 75B9 90 KB
28 KB 106ms
103ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 973A 13 KB
5 KB 46ms
45ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4593
date: Sun, 20 Feb 2022 01:14:29 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 8C7A 90 KB
28 KB 112ms
111ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NzgseV81MjQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2MzMDk4M...
s-img.mgid.com/g/11533295/680x453/-/ 48 KB
48 KB 330ms
328ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533295/680x453/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NzgseV81MjQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2MzMDk4M2VjMTM3NzM2ODc1ZGMxMTBmZTIwZDg3ODUxLmpwZw.webp?v=1645319670-1oxFcBWWZxi8G2h07T2enT9xM5Smsxude_BlJrglKPA
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2fff0a054ce94a399b4b74e78a4ae6e4cefcea8f354989bf95e149b93511382

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:30:02 GMT
x-mg-request-uuid: 4dfe4f37-6e09-4518-98b9-9bd3784d9727
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f5f8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48942
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC83YjRhM2QxMzNkYjhmNjgxO...
s-img.mgid.com/g/11739876/680x453/-/ 26 KB
27 KB 537ms
534ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739876/680x453/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC83YjRhM2QxMzNkYjhmNjgxOWMzZmU3NTQ1MTYwMmNiNS5qcGVn.webp?v=1645319670-gQYE_M80N6_vKeb3R5-UAYHHqPjS416q5HErBSjg7dQ
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c5ceebed69a08c15302950fc5072f1cf037c25b762fc149b9d79e28aafb64a8

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 15:01:22 GMT
x-mg-request-uuid: 9d45e508-d092-429d-9965-e78914f1efc5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f618fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27000
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzBmNjE3MzQxMmZiMDJiOTMzMDdlYTVmMWJhMGMyZTExLnBuZz90PTE0OTgxNjEyNzI1NjE.webp
s-img.mgid.com/g/3805599/680x453/2x0x595x396/ 22 KB
23 KB 306ms
303ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805599/680x453/2x0x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzBmNjE3MzQxMmZiMDJiOTMzMDdlYTVmMWJhMGMyZTExLnBuZz90PTE0OTgxNjEyNzI1NjE.webp?v=1645319670-PC55VZOmhvEUmVhOb86jmHxmL_I3ZJ_beyEzoqyl5IM
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af5f7393c2ed0e53c7552a31026edb6b5044e5d09411b983bf61b88abb985c8

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 17:40:00 GMT
x-mg-request-uuid: 35b9a2ce-7aa3-4665-86f0-bcf0b25cba04
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f648fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22872
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC83ZjY4MjdkMDQyN2U5MDBjY...
s-img.mgid.com/g/11739831/680x453/-/ 65 KB
65 KB 1233ms
1229ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739831/680x453/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC83ZjY4MjdkMDQyN2U5MDBjYzJhZTQ5ODYyZWIwOTlmNy5qcGVn.webp?v=1645319670-wMEQNNXqTe8uFZXVkVtY6n7BF9RAz4lE3xQmyuT4aos
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1810795e881041a40afa930e057c8c3e2245bc4ff874454b74a0acad9f8fa57

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 13:33:30 GMT
x-mg-request-uuid: aee72bf6-414d-4ee8-b551-bd6d76f47638
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f658fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66358
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgzMWRmMjMyZGYxMzQ2NzA1YjFiMzRkNThlMmE2M2Q1LmpwZWc.webp
s-img.mgid.com/g/11739833/680x453/0x0x1686x1124/ 8 KB
8 KB 531ms
528ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739833/680x453/0x0x1686x1124/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgzMWRmMjMyZGYxMzQ2NzA1YjFiMzRkNThlMmE2M2Q1LmpwZWc.webp?v=1645319670-M5rRSu_Qa3DqV_L6LM2yzgIZ8mP8B4pE_MhiWC-ag3Q
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7329790be2ad149424162c688951c9be2a3145b35c11bd07096fddef5af13eab

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 13:28:04 GMT
x-mg-request-uuid: ccb1d27a-9aab-4e36-a4f9-e8391ddb7ce8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f688fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8212
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2NjNjc3NmQ2NThiOWNlOTdlODVmYzljMjAxZGEwYjMwLmpwZWc.webp
s-img.mgid.com/g/8193522/680x453/55x0x584x389/ 24 KB
25 KB 302ms
299ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193522/680x453/55x0x584x389/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2NjNjc3NmQ2NThiOWNlOTdlODVmYzljMjAxZGEwYjMwLmpwZWc.webp?v=1645319670-0okBq6MBo1rKoAyYxLR-gW55LDgOwEy7zUAZIpsIpiE
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 146915ab2ce19690cc1973c5e5518ada574f1f3b403838d2e146697a1aa706f6

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:58:58 GMT
x-mg-request-uuid: fe0d8654-df4a-4528-932e-c76c2339514d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f698fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24962
server: cloudflare

GET
H2 200 aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTExLTAyLzgwZGZhMWI4NmNkYWQwMDMzMjcyZDg5NzNmM2MwNjBiLmpwZw.jpg
s-img.mgid.com/l/-/680x453/-/ 39 KB
40 KB 284ms
281ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/l/-/680x453/-/aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTExLTAyLzgwZGZhMWI4NmNkYWQwMDMzMjcyZDg5NzNmM2MwNjBiLmpwZw.jpg?v=1645319670-yCACVdR5HtkVn_HkzdWWuf_PU9_XxFnNDjkrEXdqTVU
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90494772a11146cc5080291747836c8e85dc1309a8bca8a720c300bcd830c537

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
x-mg-request-uuid: aa1ce6ab-9195-474a-8f80-f8b2cde20628
cf-polished: qual=85, origFmt=jpeg, origSize=54814
content-disposition: inline; filename="aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTExLTAyLzgwZGZhMWI4NmNkYWQwMDMzMjcyZDg5NzNmM2MwNjBiLmpwZw.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39928
last-modified: Sun, 26 Dec 2021 20:56:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f6a8fd0-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzQyM2Y5ZTBjM2ZiNzU4ZWEzODRhN2YwMTBiMGMwNWQ3LmpwZWc.webp
s-img.mgid.com/g/4723164/680x453/0x41x1502x1001/ 37 KB
37 KB 298ms
295ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4723164/680x453/0x41x1502x1001/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzQyM2Y5ZTBjM2ZiNzU4ZWEzODRhN2YwMTBiMGMwNWQ3LmpwZWc.webp?v=1645319670-XFqaRXOrmy-Hvvyh6pViN4K5aaRplyiRBq9_ATRLh-k
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0513e0c918ca247044494df94fbdc8acbc782bf4d5256b935b7c72ae576131a

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:56:42 GMT
x-mg-request-uuid: a931b4ab-97d2-4dba-8709-c995057cc223
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f6b8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37928
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0LzU1OTU2N2VmYTdkYmY0ZWE4NGU5ODAyNGM0ZGIzMjg0LmpwZz90PTE0OTY5MTkzNTE3Mzg.webp
s-img.mgid.com/g/3805445/680x453/97x0x650x433/ 23 KB
23 KB 295ms
293ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805445/680x453/97x0x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0LzU1OTU2N2VmYTdkYmY0ZWE4NGU5ODAyNGM0ZGIzMjg0LmpwZz90PTE0OTY5MTkzNTE3Mzg.webp?v=1645319670-lAi2SOi0DAqmSXxnoIo-Pjy1INP-OaRRbrkE4frT9bY
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a1f7eef1aa1d1ed84333888c9a32d550db4f6baf7dad9ef4428b96828f4392d

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:50:34 GMT
x-mg-request-uuid: 901b2c8a-cf84-4f05-8781-b998193b371a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f6d8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23668
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC85NWJkY2QxMGI5Zjg2ZTQzY...
s-img.mgid.com/g/10881028/680x453/-/ 34 KB
35 KB 286ms
284ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881028/680x453/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAzLzEwMTkyNC85NWJkY2QxMGI5Zjg2ZTQzYTljMTEwNzc5YTZmNmM4Yi5qcGVn.webp?v=1645319670-I5z1KB_oQknME7HCtihY9VfVDrjIhrc58ellWutZIDg
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3fe13c8f53e03e8ddc6314235807b011f97c644d91c4449fa68120fe40f8893

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:07:40 GMT
x-mg-request-uuid: 9379ecd6-58f1-42ed-a261-af8abf01203e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f6f8fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35304
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zOTgseV80MjcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0L2UxNzQ3Z...
s-img.mgid.com/g/11739830/680x453/-/ 115 KB
116 KB 704ms
702ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739830/680x453/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zOTgseV80MjcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0L2UxNzQ3ZGE5NzIwZWQzODk2MjIzOTdjMTdmY2QxM2U3LmpwZw.webp?v=1645319670-T_axHLlwgwCrgNo15Zgg-AZXxT3geza2p2DwOs0hikU
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d446c0dd836321e820d6964387fe587a587cb3e61ec1925c4c35b6a9348207

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 13:23:41 GMT
x-mg-request-uuid: d826d01e-c411-47f8-b2a2-881c1b899f12
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f708fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117978
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC8xNjJlNzQxMjExMDlmM2RjN...
s-img.mgid.com/g/11533333/680x453/-/ 18 KB
19 KB 38ms
37ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533333/680x453/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC8xNjJlNzQxMjExMDlmM2RjNjg0NzhmM2E4OTY0MTdiMi5qcGVn.webp?v=1645319670-anzmCE-_-aKivaHbIhkt0FmM-iJHh3w3y8N4MLAblHQ
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8823f78f0f4f7e811642bc188995b46873df218d1c9a94160d0e3e4fb3ea4413

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:45:19 GMT
x-mg-request-uuid: 171f120d-f9a9-4109-9656-acae752acb98
age: 10659
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f718fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18754
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84MmFiYmVhN2NlZmQxNjAxO...
s-img.mgid.com/g/11739856/680x453/-/ 43 KB
43 KB 545ms
544ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739856/680x453/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC84MmFiYmVhN2NlZmQxNjAxOGViNzY2MGQ1N2RmMjA1MC5qcGc.webp?v=1645319670--_nAsp3cW6ZfaSMJFzrw_3XIVlwhkl8Ql3NIeAjtgX8
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e9281601fe408ae3b648c03691d998f3bab42f2b954a7ea14e616935b5a1b51

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 14:18:03 GMT
x-mg-request-uuid: a82ecc4c-3225-437f-893f-ec1514552c36
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f728fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44034
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp
s-img.mgid.com/g/3805532/680x453/0x0x492x328/ 11 KB
12 KB 302ms
300ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805532/680x453/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp?v=1645319670-6vgcsikQ2bDz2UTXPCMtR4QxNLAyDlSwbsRSjpkfJEU
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d5479dc42d3ccd5bfc4d3575af65518d8aaa9c64671c7efae2dae2bcd033fb

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:44:35 GMT
x-mg-request-uuid: c842f43c-2604-4a89-8ae0-174b2063e703
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f738fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11606
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp
s-img.mgid.com/g/3805658/680x453/0x0x902x601/ 62 KB
62 KB 333ms
332ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805658/680x453/0x0x902x601/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp?v=1645319670-P8ZIj1WIYegB0su6XPBYpvDD8Kn2lFeGe9C-4HjOq9U
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e00a3274f9fce58df20ab0086464951c0b6637073d01d9ff3c84eda73250a4f

Request headers

Referer: https://www.sgtreport.com/
Origin: https://www.sgtreport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 17:26:14 GMT
x-mg-request-uuid: 5fcd6384-e5f0-4900-972c-0ff8aeabe6f5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e64f758fd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63014
server: cloudflare

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 07EB 90 KB
28 KB 24ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BD4C 13 KB
5 KB 29ms
29ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4146
date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 219E 90 KB
28 KB 61ms
60ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame E113 0
113 B 114ms
113ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1645319670809909760797
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/s/g/sgtreport.com.372839.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6e03e0e69fe592b7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8D00 13 KB
5 KB 39ms
39ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4436
date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame D9BD 90 KB
28 KB 36ms
36ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3245
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=uxUXaXwxRlVPQys3Q0JnbHlKQWZsUHU2ZVIvd0hpU1VpWko0aDVDbDNSR3RDTFlZSkRzcEt5Z3dvbTluZmFtMnRHSHpXTWUxOTFaQld4UXU3dUxiaXF5Ky9sMG5VV3cxbmJKejVCZURwVDdHem5uS3lJd3lVNkplSWxlTj...

441 B
638 B

18ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uxUXaXwxRlVPQys3Q0JnbHlKQWZsUHU2ZVIvd0hpU1VpWko0aDVDbDNSR3RDTFlZSkRzcEt5Z3dvbTluZmFtMnRHSHpXTWUxOTFaQld4UXU3dUxiaXF5Ky9sMG5VV3cxbmJKejVCZURwVDdHem5uS3lJd3lVNkplSWxlTjF3T1YvamxWaTluRlJocFM5OFFzeDFSR1RLa3RUWXpGTTVseGp6NitPbWtoSTVQdGIrU2VsM2tRTnBCRk1ISGwxNkF0YlgrRDRZYTBzQlpJVFZuMWxlT013UG5tbkRqT0ZKdU1IOHF1NWFXSkFSY2Jub2hjVm96eC9KTDBzSWUrNkFNQWdOR0FkZ3YvbmdudjZocVhuSHl5Q0FpNUhQMTExMy9IN3FmWCtCREFCTHNGMW52bz18&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0036e0c31960141e4392118b4cad74eae78486db68ef87481da153a2dd1e5214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3492
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=uxUXaXwxRlVPQys3Q0JnbHlKQWZsUHU2ZVIvd0hpU1VpWko0aDVDbDNSR3RDTFlZSkRzcEt5Z3dvbTluZmFtMnRHSHpXTWUxOTFaQld4UXU3dUxiaXF5Ky9sMG5VV3cxbmJKejVCZURwVDdHem5uS3lJd3lVNkplSWxlTjF3T1YvamxWaTluRlJocFM5OFFzeDFSR1RLa3RUWXpGTTVseGp6NitPbWtoSTVQdGIrU2VsM2tRTnBCRk1ISGwxNkF0YlgrRDRZYTBzQlpJVFZuMWxlT013UG5tbkRqT0ZKdU1IOHF1NWFXSkFSY2Jub2hjVm96eC9KTDBzSWUrNkFNQWdOR0FkZ3YvbmdudjZocVhuSHl5Q0FpNUhQMTExMy9IN3FmWCtCREFCTHNGMW52bz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1809
content-length: 567
expires: 0

GET
H2 200 adSrcNoUi.js Show response
video-native.mgid.com/scripts/ 1 KB
622 B 61ms
60ms Script
application/x-javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.83.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 28 Sep 2020 12:35:01 GMT
server: nginx
etag: "56d-5b05ee52e311c-gzip"
vary: Accept-Encoding
x-cached-since: 2022-02-02T11:29:40+00:00
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 481
expires: Thu, 02 Feb 2023 11:29:40 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F0DA 90 KB
28 KB 26ms
26ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0794
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=Xi4hjnxEZUVKNlJPNmFoU0R0MmthVk5valF3dWJRcVlha2sxMDArUVZSNmlOZTlMUVJMd0V0RWcxRjNUYkVxNzEzMEwxVkZXbG1SZUthaG5Ua3g1d2Q1dUdNMURFOWNzSGNISUF3eDN6KzErdFgwM3BscVZoK3RDWTlic2...

417 B
625 B

15ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Xi4hjnxEZUVKNlJPNmFoU0R0MmthVk5valF3dWJRcVlha2sxMDArUVZSNmlOZTlMUVJMd0V0RWcxRjNUYkVxNzEzMEwxVkZXbG1SZUthaG5Ua3g1d2Q1dUdNMURFOWNzSGNISUF3eDN6KzErdFgwM3BscVZoK3RDWTlic2N5K0VmaHAyRHBaV2tlWGIva05aRElJWFlKUFovQ3FlSXlreUdWUkE4cGtPeElJcDl5ays2TXh0Rm9XM2hSeWExODlzMU96VVVUMGVNZkg3L3RiYUpyVUhKdDJkRGRCdzZpeGZ1dzJYUDBDQlcvZ2RTMFhSZFU4cFNnT1B0NExtcnpXa2FFdUJnMER0b1lRaG9RMHFFcndFb2ZhOTdraHdqaDYxZFFiTHVjRlFCMDV1VUlzVT18&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f1a46c2c348837a1ef9aa529e4b08d1f450b00b031c1aa8ee83f4963a16879b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3013
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Xi4hjnxEZUVKNlJPNmFoU0R0MmthVk5valF3dWJRcVlha2sxMDArUVZSNmlOZTlMUVJMd0V0RWcxRjNUYkVxNzEzMEwxVkZXbG1SZUthaG5Ua3g1d2Q1dUdNMURFOWNzSGNISUF3eDN6KzErdFgwM3BscVZoK3RDWTlic2N5K0VmaHAyRHBaV2tlWGIva05aRElJWFlKUFovQ3FlSXlreUdWUkE4cGtPeElJcDl5ays2TXh0Rm9XM2hSeWExODlzMU96VVVUMGVNZkg3L3RiYUpyVUhKdDJkRGRCdzZpeGZ1dzJYUDBDQlcvZ2RTMFhSZFU4cFNnT1B0NExtcnpXa2FFdUJnMER0b1lRaG9RMHFFcndFb2ZhOTdraHdqaDYxZFFiTHVjRlFCMDV1VUlzVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1818
content-length: 567
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 891B 13 KB
5 KB 23ms
22ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4769
date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2

200

sid Show response
mug.criteo.com/ Frame BB56
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=tRXXG3xkZUFKWnMxdVY3SUZkWVpjT3RSaCsvU0ozYk5LMUY2S1ZMRzJGaUV4M3RCZWF3TW5Xd2kyUlJWSERSOUxjdi92N1FULzF3U21jV3RPRVJiM2RJWitNM3FMTWc2enlLcHZ5YXFncHlXV215RjlFcDhBbElqQ1QyVU...

425 B
627 B

17ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tRXXG3xkZUFKWnMxdVY3SUZkWVpjT3RSaCsvU0ozYk5LMUY2S1ZMRzJGaUV4M3RCZWF3TW5Xd2kyUlJWSERSOUxjdi92N1FULzF3U21jV3RPRVJiM2RJWitNM3FMTWc2enlLcHZ5YXFncHlXV215RjlFcDhBbElqQ1QyVUtmeE9NR2hJZ2IwcStUb2wzRnZUV29KVVBTN0dFckVhWHRtcFNCL1hBYU9WRERZSXpWOFpVUWpYdWx2aC9OenFmQTluNnRCbFViZkNkNThuUmRVVEpBeFBUdGJiSkNYb3BPendRZ2NJb0RpVkZmTjZZYUxscVVrOXNJY04yQVlPSmxncXV3aTVjKzJwVUV1S25FMnJkdUZvQVUvRXlFVks5U2NySlZZTFcrYlRSSGJVelVpdz18&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

912af7e842e9a8a222728745f8c528bba061a8dd877e29207f7ef2cdbecfe8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3139
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=tRXXG3xkZUFKWnMxdVY3SUZkWVpjT3RSaCsvU0ozYk5LMUY2S1ZMRzJGaUV4M3RCZWF3TW5Xd2kyUlJWSERSOUxjdi92N1FULzF3U21jV3RPRVJiM2RJWitNM3FMTWc2enlLcHZ5YXFncHlXV215RjlFcDhBbElqQ1QyVUtmeE9NR2hJZ2IwcStUb2wzRnZUV29KVVBTN0dFckVhWHRtcFNCL1hBYU9WRERZSXpWOFpVUWpYdWx2aC9OenFmQTluNnRCbFViZkNkNThuUmRVVEpBeFBUdGJiSkNYb3BPendRZ2NJb0RpVkZmTjZZYUxscVVrOXNJY04yQVlPSmxncXV3aTVjKzJwVUV1S25FMnJkdUZvQVUvRXlFVks5U2NySlZZTFcrYlRSSGJVelVpdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2446
content-length: 567
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5B51 13 KB
5 KB 26ms
25ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3629
date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame DF1B 90 KB
28 KB 26ms
26ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Feb 2022 01:14:30 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 27 KB
10 KB 95ms
17ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.83.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f078ca043e6e18d550b942649e2c0c34d8edd86f8f10e4cf65ab1cfd82a39edb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvdKsL6-M8DMRwKpnLzXO-5vbhSbdp31ZAn75LCoC9QXNlvSU5PoA5_Ucfykv3Y6FckOiSwH2F4nUhLLW6ebOb2jwViNw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9564
last-modified: Mon, 14 Feb 2022 07:19:52 GMT
server: UploadServer
etag: "c0a7757b2aed45a49c0613dd028f75ae"
vary: Accept-Encoding
x-goog-hash: crc32c=S2aYgg==, md5=wKd1eyrtRaScBhPdAo91rg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1644823192677983
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9564
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 20 Feb 2022 01:19:31 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 326ms
98ms Image
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=5f77212252e5813080721d0e&e=playerLoaded&cb=1645319670954
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4BE7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=5uyHDnxOemFHcVZZdnJXVEx2anVmM2xicmVjN3F2NTdUZHlQcVgxWU85Q3dwYkljVUlUQWUzeVpwVzM4Y1RqcVBIUUwyM0tBbERRU0ZRbEwwNkNPbGJ0amJveDNXM3l3K3NWazVBZDdiVDUwM2JVL0FXN2ZiaS9ML0JZNj...

428 B
631 B

17ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5uyHDnxOemFHcVZZdnJXVEx2anVmM2xicmVjN3F2NTdUZHlQcVgxWU85Q3dwYkljVUlUQWUzeVpwVzM4Y1RqcVBIUUwyM0tBbERRU0ZRbEwwNkNPbGJ0amJveDNXM3l3K3NWazVBZDdiVDUwM2JVL0FXN2ZiaS9ML0JZNjZZQ0NNQlVQakpreUFPQ1dyTG8yeEVaOGo1U01zOUowTCt4RzZIQmxIbGFDZFo4WjRMZUk2TG1DcjM5dks5anVqVDhGSVl4WkJNMjFMc1U4aDhhQVVGcm0ydEswSVEyNlB2cEpDRHV6QXRNTW1TZzVZV0ZmN3g5N3JOMUdNQ2lIK1Q3RG9vYmlQT3AzejlkZ0Fnc1paYXpEdE1LWWhmc21GanpyNEtteUVqMHBEMWJjeVRlcz18&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0b41677dacefc3bab4c1c349cd753f343d3605b745acda9f0054a384a82f65f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3471
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=5uyHDnxOemFHcVZZdnJXVEx2anVmM2xicmVjN3F2NTdUZHlQcVgxWU85Q3dwYkljVUlUQWUzeVpwVzM4Y1RqcVBIUUwyM0tBbERRU0ZRbEwwNkNPbGJ0amJveDNXM3l3K3NWazVBZDdiVDUwM2JVL0FXN2ZiaS9ML0JZNjZZQ0NNQlVQakpreUFPQ1dyTG8yeEVaOGo1U01zOUowTCt4RzZIQmxIbGFDZFo4WjRMZUk2TG1DcjM5dks5anVqVDhGSVl4WkJNMjFMc1U4aDhhQVVGcm0ydEswSVEyNlB2cEpDRHV6QXRNTW1TZzVZV0ZmN3g5N3JOMUdNQ2lIK1Q3RG9vYmlQT3AzejlkZ0Fnc1paYXpEdE1LWWhmc21GanpyNEtteUVqMHBEMWJjeVRlcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1537
content-length: 567
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 973A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=Y-Az53w4dzdjV2k0MmM2TVZMSzMwODJuZy80VllaZEQwaFYxamdZMGl0VklSMFl3ZUlCUG5WbldZSmpDNVBuTHVXL1JkWUk1N2VHeEZPNGxrMzV3UDRBKzlUdkUvZWZhZk9YQmZPcUROamRSWVN0SWgzY3ZRRmZVeWc0OH...

428 B
631 B

18ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Y-Az53w4dzdjV2k0MmM2TVZMSzMwODJuZy80VllaZEQwaFYxamdZMGl0VklSMFl3ZUlCUG5WbldZSmpDNVBuTHVXL1JkWUk1N2VHeEZPNGxrMzV3UDRBKzlUdkUvZWZhZk9YQmZPcUROamRSWVN0SWgzY3ZRRmZVeWc0OHZCam1JKzg4Q21HdmU0enBMMUgrMjVUMkJyczNPNFhWWVQ1REM5TzhLelZXUDBVaTlWeVBWWmFSVVdYek5hNEc4Y0RGQy9xd0RLb3dDdDVqVHh0elltdUdXVE9neXRBamdEcTBpRUtUNWVMQk85MjkzYWt0MWRKRVorWkh0WkplemRQM2RhYW1XQWcvNFg4RzJhd0VkdFpjL3RQeERhTXZlK3M1RG9mZDNRQkVSVy9FV04yVT18&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

80f70efe7ce3c13841f8c8cee03e5d1efdac871633aa7e4be4b18bc9a55b9348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3288
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Y-Az53w4dzdjV2k0MmM2TVZMSzMwODJuZy80VllaZEQwaFYxamdZMGl0VklSMFl3ZUlCUG5WbldZSmpDNVBuTHVXL1JkWUk1N2VHeEZPNGxrMzV3UDRBKzlUdkUvZWZhZk9YQmZPcUROamRSWVN0SWgzY3ZRRmZVeWc0OHZCam1JKzg4Q21HdmU0enBMMUgrMjVUMkJyczNPNFhWWVQ1REM5TzhLelZXUDBVaTlWeVBWWmFSVVdYek5hNEc4Y0RGQy9xd0RLb3dDdDVqVHh0elltdUdXVE9neXRBamdEcTBpRUtUNWVMQk85MjkzYWt0MWRKRVorWkh0WkplemRQM2RhYW1XQWcvNFg4RzJhd0VkdFpjL3RQeERhTXZlK3M1RG9mZDNRQkVSVy9FV04yVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1562
content-length: 567
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame BD4C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=gLcr-3xFWWRibEZHNW5PVEdqUU9qOEF5RUl1bGlPaUJ1RU1qS3lWVk9nWHkvWFo2bWNJVVY4NFRaNGhwTGs4cU1FTDltcmJMTUZnY2NkTU5ENU82MXEzTUtYd0VUemJtMjlzb2laZGRGa1h0VkVVYXpzWWxEdVpacXRzVk...

428 B
631 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gLcr-3xFWWRibEZHNW5PVEdqUU9qOEF5RUl1bGlPaUJ1RU1qS3lWVk9nWHkvWFo2bWNJVVY4NFRaNGhwTGs4cU1FTDltcmJMTUZnY2NkTU5ENU82MXEzTUtYd0VUemJtMjlzb2laZGRGa1h0VkVVYXpzWWxEdVpacXRzVkowSlNZaGliSW43TThLWm8zYVVRWCt2a0tjUnZoYjNXTFpGV3ZoQmk1OFM4WWdZQ3R3aUFvSE9WbXYzTjdBdnBEWWpvdkpTY21GUy8xMmdzYWIyZmVPdDVJQW1aL0kwOW4rL1NmdzFuYmZQeWNwaGowZXQ1Z0w5WmpVNDFZOGJuek54dEIrTzhnUjF1RWpoV1pBOHRGdVlKajdsdFAxNUoyVmovMTJuL0l1enFFaDNabzVnYz18&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

afbafa8fee72259ea4fb6c17c0b6ea450872361db3d7fb86b7fbf479d39a2606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3093
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=gLcr-3xFWWRibEZHNW5PVEdqUU9qOEF5RUl1bGlPaUJ1RU1qS3lWVk9nWHkvWFo2bWNJVVY4NFRaNGhwTGs4cU1FTDltcmJMTUZnY2NkTU5ENU82MXEzTUtYd0VUemJtMjlzb2laZGRGa1h0VkVVYXpzWWxEdVpacXRzVkowSlNZaGliSW43TThLWm8zYVVRWCt2a0tjUnZoYjNXTFpGV3ZoQmk1OFM4WWdZQ3R3aUFvSE9WbXYzTjdBdnBEWWpvdkpTY21GUy8xMmdzYWIyZmVPdDVJQW1aL0kwOW4rL1NmdzFuYmZQeWNwaGowZXQ1Z0w5WmpVNDFZOGJuek54dEIrTzhnUjF1RWpoV1pBOHRGdVlKajdsdFAxNUoyVmovMTJuL0l1enFFaDNabzVnYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1981
content-length: 567
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AF82 13 KB
5 KB 21ms
21ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3435
date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AC44 13 KB
5 KB 23ms
22ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3922
date: Sun, 20 Feb 2022 01:14:30 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8D00
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=dJPmfXxWQ1I5V0hiTENZeDFBWHZBaDhIY2RxRzI0dUR5WUxnOGdDdzc0TmRoZFJWeDBQUVF2ZHdjL2kvcGpVUzdtZHJVdHp0T0JhNFh5N1lWZ045REx1bWg0SmhUYjRGeEtjWFg5ZHhJMEc3NElhbTZrM3YrdGJTbk80NW...

446 B
636 B

18ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dJPmfXxWQ1I5V0hiTENZeDFBWHZBaDhIY2RxRzI0dUR5WUxnOGdDdzc0TmRoZFJWeDBQUVF2ZHdjL2kvcGpVUzdtZHJVdHp0T0JhNFh5N1lWZ045REx1bWg0SmhUYjRGeEtjWFg5ZHhJMEc3NElhbTZrM3YrdGJTbk80NWp1THNTUGtGUjU5czc0NnZkNE5hbkhrREVvQkliSDBydHZxR0VVMDJ2RytrWm1neG5MdjR1L1A5WWtlcWV5eFFTTWhXOEt0Rk5oU0NHVWFtOHpwVGVCaWgzZ0JmRmhLY3U1ekVYSlMrM0JMMWxKN3hkL3pCTFpyZGdndE1RQ2VxVjhRODZEeStScXV1TGxZcUsyeTJpRXVFa3VIQ1BmY2N0bXg0NytQSHFYZ0V3b3ozR3FLRT18&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d88648a89955424c83cc98abf0040158f313e011e295e423c4e12e44faa65ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3510
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=dJPmfXxWQ1I5V0hiTENZeDFBWHZBaDhIY2RxRzI0dUR5WUxnOGdDdzc0TmRoZFJWeDBQUVF2ZHdjL2kvcGpVUzdtZHJVdHp0T0JhNFh5N1lWZ045REx1bWg0SmhUYjRGeEtjWFg5ZHhJMEc3NElhbTZrM3YrdGJTbk80NWp1THNTUGtGUjU5czc0NnZkNE5hbkhrREVvQkliSDBydHZxR0VVMDJ2RytrWm1neG5MdjR1L1A5WWtlcWV5eFFTTWhXOEt0Rk5oU0NHVWFtOHpwVGVCaWgzZ0JmRmhLY3U1ekVYSlMrM0JMMWxKN3hkL3pCTFpyZGdndE1RQ2VxVjhRODZEeStScXV1TGxZcUsyeTJpRXVFa3VIQ1BmY2N0bXg0NytQSHFYZ0V3b3ozR3FLRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1993
content-length: 567
expires: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 2688 347 KB
98 KB 15ms
15ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a13428b61427d37c7f4d2f1d4386a54d2a0ec0abaa9b3fba496a0da819e076d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduqf9s21w6ksrhrbEfNdtVRAnlEGHQH3iNoankzseSF-FyV-LB9VA4FwYgqRRUV2MiA1FByBg3ThmsmvVlLtM9z3U1_6A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99103
last-modified: Mon, 14 Feb 2022 07:19:22 GMT
server: UploadServer
etag: "2a969b68f4d7fccf8385c315e5edd180"
vary: Accept-Encoding
x-goog-hash: crc32c=CoIWlA==, md5=KpabaPTX/M+DhcMV5e3RgA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1644823162604604
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99103
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 20 Feb 2022 01:19:31 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 891B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=WIxJtXwyaHgvd1ZXTzVCSkJBWC96QVdHRWNPMS9EVkFBb1kyTmprdWhNakhyZlNmRUl3WHhSc0ZyYmF6V2tBWUZvNTJESG9mc0ZkS1liTzRJZVY0Z2lVOHNJdjZ4bkhTNHJjNHUxNjBTdFNhamNiSlJ6L1dJY0YxaFg5RD...

433 B
636 B

20ms
19ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WIxJtXwyaHgvd1ZXTzVCSkJBWC96QVdHRWNPMS9EVkFBb1kyTmprdWhNakhyZlNmRUl3WHhSc0ZyYmF6V2tBWUZvNTJESG9mc0ZkS1liTzRJZVY0Z2lVOHNJdjZ4bkhTNHJjNHUxNjBTdFNhamNiSlJ6L1dJY0YxaFg5RDU4K0k3Z3FjSXRQbXhPbDhyMkthTVlOU3g3NVRLei9vOGw3UWpkcjZBVkZZNFJyQlpuL1EyMlR2NFZnZnJzb25Nc2tQaHNNcG1jeEw4T1pJV1Y2MHVPc2tBNVVmcmJBSVFaMVN0RnY5a2ZhYStwOHRtWkpFdWtaY1lpdWN1NWtBOVdoOUtyM01ndFZ0U0lWbHZtZys2YjQ1Zi9LSDlSTzd1ZHRjTVdBNU0vcU1aS09lZXNYWT18&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b21b9ab086adcdbaa79d95c7a5f738f5297253101070b8ef681ca17b97a8d045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7413
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=WIxJtXwyaHgvd1ZXTzVCSkJBWC96QVdHRWNPMS9EVkFBb1kyTmprdWhNakhyZlNmRUl3WHhSc0ZyYmF6V2tBWUZvNTJESG9mc0ZkS1liTzRJZVY0Z2lVOHNJdjZ4bkhTNHJjNHUxNjBTdFNhamNiSlJ6L1dJY0YxaFg5RDU4K0k3Z3FjSXRQbXhPbDhyMkthTVlOU3g3NVRLei9vOGw3UWpkcjZBVkZZNFJyQlpuL1EyMlR2NFZnZnJzb25Nc2tQaHNNcG1jeEw4T1pJV1Y2MHVPc2tBNVVmcmJBSVFaMVN0RnY5a2ZhYStwOHRtWkpFdWtaY1lpdWN1NWtBOVdoOUtyM01ndFZ0U0lWbHZtZys2YjQ1Zi9LSDlSTzd1ZHRjTVdBNU0vcU1aS09lZXNYWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4132
content-length: 567
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5B51
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=0&topUrl=www.sgtreport.com&lsw=1
https://mug.criteo.com/sid?cpp=XN0F73x0SUpZQy91Q0I0L013QmVNNko1ZER1K2ZXdFYyTVVxVEk0SUFRdm83NjVCcTJkUnQrVThmSnhIMno3eXp3RlMzeFVBNmtCdU5WQ3NNWGpRa3BnNEY3aVUzOHpaMXl5UDFuNVZUTWdTZDlKV21rVUFxTEpmakh4S3...

425 B
628 B

15ms
14ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XN0F73x0SUpZQy91Q0I0L013QmVNNko1ZER1K2ZXdFYyTVVxVEk0SUFRdm83NjVCcTJkUnQrVThmSnhIMno3eXp3RlMzeFVBNmtCdU5WQ3NNWGpRa3BnNEY3aVUzOHpaMXl5UDFuNVZUTWdTZDlKV21rVUFxTEpmakh4S3Zta2ZTNEdjRHByTzVyeGUzbktuMFNvYTJ1V3MxeERGVEpnZ0RrYXcxTVRXVVBRaXlvdjViK1h4L0l6NjBKSUpDdHo3bnZMUnd3enBqbSs1aGpSS1ptT3FDc3JzSk5GMzFkSWhIakNKOHhBNlNqRW1TdzIyb2lReFFQRWhyNVgzUkJZTDVSNUVBcWZPQVB2R05CTDFKWWZ1WUQrSm4vdXZlOGFkT292Sm5GWmUyL3pnVUpZQT18&cppv=2

Requested by

Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

fe8e10da1217dbd6c18bc799f4dfddd3be179dde833dd6443dc24c4e4eb58413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2668
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=XN0F73x0SUpZQy91Q0I0L013QmVNNko1ZER1K2ZXdFYyTVVxVEk0SUFRdm83NjVCcTJkUnQrVThmSnhIMno3eXp3RlMzeFVBNmtCdU5WQ3NNWGpRa3BnNEY3aVUzOHpaMXl5UDFuNVZUTWdTZDlKV21rVUFxTEpmakh4S3Zta2ZTNEdjRHByTzVyeGUzbktuMFNvYTJ1V3MxeERGVEpnZ0RrYXcxTVRXVVBRaXlvdjViK1h4L0l6NjBKSUpDdHo3bnZMUnd3enBqbSs1aGpSS1ptT3FDc3JzSk5GMzFkSWhIakNKOHhBNlNqRW1TdzIyb2lReFFQRWhyNVgzUkJZTDVSNUVBcWZPQVB2R05CTDFKWWZ1WUQrSm4vdXZlOGFkT292Sm5GWmUyL3pnVUpZQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1495
content-length: 567
expires: 0

GET XHcEUCFl-720.jpg
video-native.mgid.com/ 0
0

GET
H2 200 mgPlayer_v2_sprite.svg
video-native.mgid.com/mgPlayer/img/ 3 KB
1 KB 60ms
59ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video-native.mgid.com/mgPlayer/img/mgPlayer_v2_sprite.svg
Requested by: Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Sun, 20 Feb 2022 01:14:31 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 14:37:30 GMT
server: nginx
etag: "c1c-5c6897a74212b-gzip"
vary: Accept-Encoding
x-cached-since: 2021-09-27T16:25:55+00:00
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=290304000, public
cache: HIT
accept-ranges: bytes
content-length: 1154
expires: Tue, 27 Sep 2022 16:25:55 GMT

GET
H3 200 aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTExLTAyLzgwZGZhMWI4NmNkYWQwMDMzMjcyZDg5NzNmM2MwNjBiLmpwZw.jpg
s-img.mgid.com/l/-/680x453/-/ 39 KB
39 KB 14ms
14ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/l/-/680x453/-/aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTExLTAyLzgwZGZhMWI4NmNkYWQwMDMzMjcyZDg5NzNmM2MwNjBiLmpwZw.jpg?v=1645319670-yCACVdR5HtkVn_HkzdWWuf_PU9_XxFnNDjkrEXdqTVU
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90494772a11146cc5080291747836c8e85dc1309a8bca8a720c300bcd830c537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: HIT
x-mg-request-uuid: 81b24b24-21ca-4cbe-bb67-f91c8c2c2b14
age: 94009
cf-polished: qual=85, origFmt=jpeg, origSize=54814
content-disposition: inline; filename="aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTExLTAyLzgwZGZhMWI4NmNkYWQwMDMzMjcyZDg5NzNmM2MwNjBiLmpwZw.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39928
last-modified: Sun, 26 Dec 2021 20:56:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e03e0e8fddd5b98-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 /
c.mgid.com/vs/ 43 B
361 B 107ms
107ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=3191&iid=372834&e=vr_load&h=DxUo0TZtMsA8btWeqVQmbeMMJiPzhK-Q-HoDiZ2LyyLiehR3idDNPGJhGXOPPMKX&o=%7B%22vrViewable%22%3A0%2C%22sticky%22%3A0%2C%22playlistSeq%22%3A0%2C%22uuid%22%3A%22748d7fae-91ea-11ec-bf14-e43d1a2a53a0%22%2C%22format%22%3A%22instream%22%2C%22tt%22%3A%22Direct%22%2C%22timeOffset%22%3A0%7D&t=0&c=46503
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e03e0e8fdde5b98-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 0C33 6 KB
3 KB 113ms
113ms Script
text/javascript 108.157.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=2072668300&js=pmw1&base=te-clr1-1e19586e-beb6-4cd1-9362-fc7f50ec478f
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=2072668300&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 4ebf6318650a0a5df364cf9e5c6e0add06ffdb7890f0eb45f0f61d44d4fb96df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:31 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 2328
x-amz-cf-id: WJX_6RKSg83yKEIykEJOfIZ6eZ3nDCvSeDsaSgHZv_RYuPpeQdc_cw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 0C33 38 KB
11 KB 132ms
131ms Script
text/javascript 108.157.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=2072668300&js=pmw2
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=2072668300&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:31 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: KFcIl6GZjutmX__tWWMNuWCMr_ifS_BT9gjuOxTc5QWsyxBOJxdILw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 0C33 43 B
395 B 108ms
108ms Image
image/gif 108.157.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=3494
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:31 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: sVU4vgU24VJ66t9gqp03UDFja-xU1ONkAxCIzxazNiqCJJM5HumZ3A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame AF82
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=2&topUrl=www.sgtreport.com&bundle=JDd7hV9oTG5iRHRqb255V1MlMkZQWlFsSCUyRnduOEc2bmhqU2V3Z2R2aHBFZXA3WVdsRG...
https://mug.criteo.com/sid?cpp=SX1M0XwrV3d3Rkx3U2lRNzRYNkwyOXprSXhSREFyTlZ5dEVFVHJTTDR3L2UwSEd2UkwyUVova1JkWGpVaWxyNk03M2FuZ2dudFVQSWp6QTJ6WmhYZ2pyYXh0QU00VUIyU2xScGRNYWdjL2U1NFpVSlFGYUIvOE1rYU5RZm...

446 B
638 B

15ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=SX1M0XwrV3d3Rkx3U2lRNzRYNkwyOXprSXhSREFyTlZ5dEVFVHJTTDR3L2UwSEd2UkwyUVova1JkWGpVaWxyNk03M2FuZ2dudFVQSWp6QTJ6WmhYZ2pyYXh0QU00VUIyU2xScGRNYWdjL2U1NFpVSlFGYUIvOE1rYU5RZmxHVTkrVWJMbXJxQmJFTi91YUM2c1VnRkdZZDdkWlZkZGRid1Y0YS91Q2tQSmxFUDlZMnA3TCtJYk5pbzFqaHZJSjRZQnRmb3o5cXQyNEo1RXJJUVJ4MloyeWpnQzZ2Y2plclY4ejNQSXBLREdES09FTVpiVm15SFpwQkV2Q2ZReHNGTzM2bGtYNXRNbjlhTWhCREF0R2lZQUQ4ZklzN1JaNGs1V2FkL0lucU1YZHVydGV3MD18&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

74bf5b74b903df718ede56a081265eabf0878d8352f59914c39ab4c127125a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3062
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=SX1M0XwrV3d3Rkx3U2lRNzRYNkwyOXprSXhSREFyTlZ5dEVFVHJTTDR3L2UwSEd2UkwyUVova1JkWGpVaWxyNk03M2FuZ2dudFVQSWp6QTJ6WmhYZ2pyYXh0QU00VUIyU2xScGRNYWdjL2U1NFpVSlFGYUIvOE1rYU5RZmxHVTkrVWJMbXJxQmJFTi91YUM2c1VnRkdZZDdkWlZkZGRid1Y0YS91Q2tQSmxFUDlZMnA3TCtJYk5pbzFqaHZJSjRZQnRmb3o5cXQyNEo1RXJJUVJ4MloyeWpnQzZ2Y2plclY4ejNQSXBLREdES09FTVpiVm15SFpwQkV2Q2ZReHNGTzM2bGtYNXRNbjlhTWhCREF0R2lZQUQ4ZklzN1JaNGs1V2FkL0lucU1YZHVydGV3MD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1500
content-length: 567
expires: 0

POST
H3 200 getcaptcha Show response
hcaptcha.com/ Frame C0C7 3 KB
3 KB 173ms
173ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/getcaptcha?s=2df1732c-ecfd-49a6-a24a-43399e9769af

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23949fe7ab795927f15fff019d990413cd90038407d83443e92a6c03ec589137

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

cf-ray: 6e03e0e93c975bfd-FRA
date: Sun, 20 Feb 2022 01:14:31 GMT
x-esid: 53576559
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-chl-bypass: 2

GET
H2

200

sid Show response
mug.criteo.com/ Frame AC44
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kloperd.com&sn=ChromeSyncframe&so=2&topUrl=www.sgtreport.com&bundle=JDd7hV9oTG5iRHRqb255V1MlMkZQWlFsSCUyRnduOEc2bmhqU2V3Z2R2aHBFZXA3WVdsRG...
https://mug.criteo.com/sid?cpp=nY-XLnw2RHFwbndMclVOelRkWmxwN3kxNzdTZm5wekNjNUxKeEJqMHVNSTRJMnJBTVVzRWJPcWZMU1dZV1Q2Z0hnN1RzOTU3RWVycGREK2gvVEFvRXF0a0ZOTWJsUG92amp4cXlwVlZuVytsWS8vVkdVRC9qRXp1Z1NTem...

435 B
627 B

16ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nY-XLnw2RHFwbndMclVOelRkWmxwN3kxNzdTZm5wekNjNUxKeEJqMHVNSTRJMnJBTVVzRWJPcWZMU1dZV1Q2Z0hnN1RzOTU3RWVycGREK2gvVEFvRXF0a0ZOTWJsUG92amp4cXlwVlZuVytsWS8vVkdVRC9qRXp1Z1NTemxSa0d2OW5EcEd6S3FsaFdUcFI1d3Q3UGR5ZjdZb1FIMHhSbU11L3pmekZUTGZwMER3b09IdFpzaWx0cFpkd01zRzM0eDhzdDhYem53bFlxY1FOMG5sbU5yUzIzQ2prT2tPYWZIUElsdVRnMWErWUh6WTVpdnVBUXJqZ1Ayaktpdk9DbUZRVE5IemdQamhPTlY5WnE3QlVSZWRud1Y5T0ZxVzdYTFdNVzErNmVVZUZBWW9vVT18&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sgtreport.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

dd5ff22f209f83faf5c926cea38d0ea06af6bd1d01d44d90b7f8834161f0d8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3560
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:30 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=nY-XLnw2RHFwbndMclVOelRkWmxwN3kxNzdTZm5wekNjNUxKeEJqMHVNSTRJMnJBTVVzRWJPcWZMU1dZV1Q2Z0hnN1RzOTU3RWVycGREK2gvVEFvRXF0a0ZOTWJsUG92amp4cXlwVlZuVytsWS8vVkdVRC9qRXp1Z1NTemxSa0d2OW5EcEd6S3FsaFdUcFI1d3Q3UGR5ZjdZb1FIMHhSbU11L3pmekZUTGZwMER3b09IdFpzaWx0cFpkd01zRzM0eDhzdDhYem53bFlxY1FOMG5sbU5yUzIzQ2prT2tPYWZIUElsdVRnMWErWUh6WTVpdnVBUXJqZ1Ayaktpdk9DbUZRVE5IemdQamhPTlY5WnE3QlVSZWRud1Y5T0ZxVzdYTFdNVzErNmVVZUZBWW9vVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1697
content-length: 567
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.sgtreport.com&sn=&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.1.5&apppkg=&fv=3&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=5f77212252e5813080721d0e&stagid=&stplid=&e=inventory&vi=0&cb=1645319671250
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 5 KB
2 KB 325ms
108ms XHR
application/json 3.226.120.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CUSTOM1=undefined&AV_CDIM2=0&AV_CDIM3=native&AV_CDIM4=372834&AV_CDIM5=&AV_CDIM6=11&AV_CUSTOM2=0&AV_CUSTOM3=This%20Guy%20Transformed%20His%20Body%20To%20Look%20Like%20A%20Cat&AV_CUSTOM4=0&AV_CUSTOM5=7&AV_CUSTOM6=3&AV_CUSTOM7=0&AV_CUSTOM8=0&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=5f77212252e5813080721d0e&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.sgtreport.com&AV_DADPOS=3&d36=6.1.5&responsive=1&sver=1&avtoken=671249&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1645319671271
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.120.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-120-126.compute-1.amazonaws.com
Software: /
Resource Hash: f8c1dbb55b1f0f730a4950d4591925ea2205de0e2a1ad559fa8f26dcd81f34dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Tue, 08 Feb 2022 11:27:51 GMT

GET
H3 200 /
c.mgid.com/vs/ 43 B
361 B 105ms
105ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=3191&iid=372834&e=adinventory&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22748d7fae-91ea-11ec-bf14-e43d1a2a53a0%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=63376&h=DxUo0TZtMsA8btWeqVQmbeMMJiPzhK-Q-HoDiZ2LyyLiehR3idDNPGJhGXOPPMKX
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e03e0e97e455b98-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 getcaptcha Show response
hcaptcha.com/ Frame A243 3 KB
3 KB 189ms
188ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/getcaptcha?s=2df1732c-ecfd-49a6-a24a-43399e9769af

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e61b2d8/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeebd0182b9e9e1487c40d43c942972f8f7c30eb1e9f6d9591f42bf4dc16a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

cf-ray: 6e03e0e97ceb5bfd-FRA
date: Sun, 20 Feb 2022 01:14:31 GMT
x-esid: 53576559
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-chl-bypass: 2

GET
H/1.1 206
Partial Content wfeJmkVoLbFg.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame ACCF 2 MB
2 MB 4813ms
4559ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/wfeJmkVoLbFg.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/wfeJmkVoLbFg/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash: e4bbf235cac8231ef771241f08c87b6cf7aa80dbba70020576fb25936701b0b4

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=68386816-

Response headers

Date: Sun, 20 Feb 2022 01:14:35 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 68386816-70539007/70539008
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2152192

GET
H2 200 get
choices.trustarc.com/ Frame 0C33 287 B
628 B 11ms
11ms Image
image/png 108.157.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 17 Feb 2022 06:28:21 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: nginx
age: 240370
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 287
x-amz-cf-id: NHXUoV_dE0LXGrE96AOVGGsVjcDBBiJKCzgxFw8km1jlofu9Nxt1wA==
expires: Sat, 19 Mar 2022 06:28:24 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D959 0
731 B 25ms
24ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:31 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e00dba82-bf8e-47c7-b0ae-8ce2f8e75a83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame F454 287 B
627 B 25ms
24ms Image
image/png 108.157.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=2072668300&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Thu, 17 Feb 2022 06:28:21 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: nginx
age: 240370
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 287
x-amz-cf-id: Z2PBalcPJ62Exc-QWNXx10RTio3JwUL3cIauGoeI8QzV_35JU_V7sw==
expires: Sat, 19 Mar 2022 06:28:24 GMT

GET
H2 200 get
choices.trustarc.com/ Frame F454 739 B
1 KB 25ms
25ms Image
image/png 108.157.4.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-14.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Fri, 11 Feb 2022 13:36:21 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: nginx
age: 733090
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 739
x-amz-cf-id: pt4Q4QNDcTPiOSdn6btGVgshP0i1IBUTOTR6keGUpdP0ZI_NAl0qSw==
expires: Sun, 13 Mar 2022 13:36:21 GMT

POST
H2 200 x Show response
api-3-71-7-237.b2c.com/api/ Frame FAEC 0
299 B 141ms
141ms XHR
text/plain 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-3-71-7-237.b2c.com/api/x?efx5dRmGVy5ghV9s$aGNhcHRjaGEkMTU5OCRQMF9leUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpJVXpJMU5pSjkuZXlKd1lYTnphMlY1SWpvaWNsZERZVzhyYTJ3d1EzSk1UU3QxYzJzclJEQkdNQ3RLZEcxYVFYVlVPRkZJYkRoc1ExWXJiREZRZUhCcWJ6a3plRFVyWVRaamNUbHRaVlZTYWpnMVVVRjFOVXRRTVRsSFNITjZSWEJtV0RnMVVtMHpNalZEY1hOYVNWcEVaM2RPYWxnd2FVcDRXVWhhUlhsTlZHSXlWRlZXTVU1T1MxVjRMMmxYY1hwVWR6VlNjVTFuZGtWVVIycFNkME5LTUVveGVVdFJUMXBGWlVKQmJGQnRUMjFGUmpRNWVFUklNbTFXY0dOVWRWZ3ZaMHRSZVdwbEsyOXBVV2w2UWtsck0wWlllVTkwZHpaWlMxcExSVVJxWkRadWJESk1abnBSWVRJck9ESm5jSFJHZUVwdVdISnpiVlpHZVhNdlZtbHFTMjlCVVVGcU0wWnlZMDV4TTBOWFZWUnlOMUpxUjFJNFlsWTViWHBLTkhsMFIyNTRXbGdyYUdvcmMyczJTbEphUmpGVWRXc3ZWbXhRTUU1RWFscFdRVWhtVjNCMGFVTmxSV3BLVFhoc2NqWlpjbWh6U25wNFpWbzJlVkpHZVUxWWIwUlFRbTl5Y0VRdk4zZGFTalZOTWxsQlVWaGtRa3hRS3prdlJXZG5WRmxwZDJZNFVXcFBXRFJaYTIxeU1HcFZSV04xYzFGMWNVUTFkVko1WjI5blUxbG1WQ3RhWjNscU1sZEphMGxDYzFaaFlpOHhaRlJTTVdoMGMwSmxZMlZ2WjNac1pqZFVOVFZXVUN0S1pEbE5iVEpSU1VsV2MxTXJiREZhTlVKRldqVnNaMFF2VUhwWFl5OHdlVTlFYlc1amRVNHpVbkZvV21WVVIxTXhielZxU21sd01UZHlkRGxzVmxkNVdqbFVWVXBDVkhGNWFWaGFNMEZRVVhkclQxWkNOMWwwWlVwTFJqUTFNMGd2YzNFeFQwRnRWVE00ZEN0dlFrazJla1YzUWtKTk9FRnRNVVkxV0RaUVp6SjFWazlJUTNkalVXZHZibk5SYnpWVFpqZHZiRVZFV0hSbEt5ODFURk51ZHpadFJFUnFlRVIwY0ZOWVRqZDBiM040ZFV4TVNsQXZXSGg2Y1M5TU9TOVdhRUZKUWprMVYyaDBTVGd3YUN0R00zTldjVFZvWjJ0clEySTFZbGRUV0hOT1lVMURPR0pNYlcxT1ZsUmpZWEpuTTBjcldua3llVmxZYmxwQ2VVVlpNVkk0VFVsa2MzaEtTbkJWVTNWWU1tWTBUWFZQZWk5Vk5rVmtkRkZZY0ZkQmVrMVFUbms1TUN0UlpXTkNjRVJoYUV0T1FrdGlUbXAzUzFkck5Hd3hSbXhYUmxKdlEwbDVWRFpOUm5Sa1RUUllZbWxPWkRaTVRscDFjMXBNTTFsa01ISkpkSGN5T0daalVXTlhOVlptY0VocU4yRXpOVTlMVkZFek5Ea3hhbkZDU1cxcU5VaFFRbGhFZUVsVVV6ZHJTVXRLYTNJeWFYQlpiekkyU0hCUk5GaDVVV2h2WldwWFlqVm1SMEpWU21acGMyZHpTRkIzUjBkUGRsRkVOV3N4TXpkV1IxQkpSbHB4U3pORWJVaERlbVZXYUhWamVEZHFjRVp0TTBacWJDODJPVkUwUlc5Skx6UnZUV0k0ZEc1b1lXUnVRa2hMSzNaelNGb3ZNMUJMVW1NelRFbFJZVXhxYkUxNVpHOU9XVzVKZWpORFJ6Sk1NbGszYW1GV1ZuVXhTVFEwWWxWRFFVNXVjRTVpU3psa1V6VTJZek5tY0hwaEwxWlRNMUYzWkVsSk0xSXZPSEZsY1RWMmRFOUdOSFJhVDNOMk1ubHVjalJ3VlVFeVkycElaazh5WW0xVE1qVXdOMG8yUVZGeU9GZGhWRzlPTVZCaVNXSlNNa0pPVDBka2VURlVaMWc1VkVWdGIxaG1hRGRNU0VNd2NIaEljWGxvVW1OVWVFTm9OalJXUjFoNlVYQnZNelI2TUVWVGQzRnZaMmxxVmk5b1FpdG5NMHROVUNzMGRqUk9TMU5QZDAxdFNVRTFlakZ3ZEN0SFRtNVBlVVkwWW1sQ2NWRTFWV2N6YzIxaFpUVnBlV3hyVmtGc1VtaFhlRXhvWkRsSlVEWnVOalpRVTB0blJ5OUxRM1ZDTDBGYVFYQXZVV0U1TmxKWmEwRTBURGhrVGtKM1ExTnRVek4yZVdScWJXbGxUbGQyWnprclpGUmliRE16SzFVeWJEbEdkRVZXWkdsWk9HbHVNWFY1ZEdjM1dVWkJSa1J2WkZJNGNrUXZiV3BWVldKcVNsVnFaQ3R5T1dFNGNWVlBVMlJ3TlRCQ1puWk1USGhPVXpObWNrOUliRlJxVGtSb2NXOHlla2RPV0RscVZWaE9XbWR4ZGpaQ1JXMTFjbVZ1YW1FNFlUbG5iU3RVVWxWak9WTjRWV2QzSzFoTFFrUkdZV2hoUjNjMVJFeEpSRGwwVjBoVVYwNTBia3h6TmxCWVZsSkhTRmswVFVwMk5FTXpUR1pvZURaMmNXRXdOR1pETTNwUlZFc3laMk56TVV0VmNXOWpjVVJLVFd4RVZESlRObloxT0d4dlNrVkhjMnBJTTFwaWJVaGhMME5EYTBJd1QxaHBSR3B4YldsMGQxRnRObTlHZUhScGN6aEdVV0ZzVGprd2QyMVVVRzFCTDBKV1ZIZFhVWGRhU0hGdU1GcFRLM1JGTDNkTlFXUk5UMHhzZEhSbGJGUjVabTlPVkZBdmIxRnhNWFJvVW1wRlRGSldPWEpRWVVSTldrNUxialZpY3psdmRFUTVXVEZLVGxkV1RFUlVaM3B2U3k5dWFtcENPVk5TT1hONlJUUkdUM3A1WWxGdVZsZG9kRzFaWTBWSWRFMHZWRkZEZFZsdVVEVnFSWEJqUTA5WlRFMVpWbkUzVENzeWVqQmllbGRPTlRWdGVrUldhVmRzUkZWQk9IRnhZMVpXTjJkNk5IbE5Wa0p5U3l0bFUyNTVNVVl2Um1kUmVuWlRVR3hWVVZKQllTOVdTM3BpWVhWd1kyVkRlRlJFY1VRNE4xRTFVMWRGTldsbmIwVXpRVEZSWjBablZERXdZVEJDZFZWVVZuUndiRVptTm1oQ2NYVktiMGRWT1ZkV2NUSnRVa1JEYnl0eU5FWkZMM2M5UFhkSEwxTmpaMEU0ZWpGNVRrMDJVbFVpTENKbGVIQWlPakUyTkRVek1UazNPVEVzSW5Ob1lYSmtYMmxrSWpvMU16VTNOalUxT1N3aWNHUWlPakI5LnVSTkIyQ3dSRnZISTJiWXV4aUZraldxdW9RQ0ViTHVVdTIzSnR3YjZLYVE~
Requested by: Host: api-3-71-7-237.b2c.com
URL: https://api-3-71-7-237.b2c.com/s/pp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsXbEOR%2FYL7eGQylCMDBETHDUpgebr3r2vYQddRx4H2aBwjOD4CILgz%2Bgn0cUnfgAOQooSCENyD5Ur3JasJjbed9XtOCN4Lxw%2BeUtw1jKvAqYR9mE1rbssznthbX1wSwEBqRqOZVhubbgq2%2BLpn5J0Wzm1w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e03e0eb5f24839c-MXP

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/9655/227876/1306542/201/ 2 KB
2 KB 644ms
595ms XHR
text/xml 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/9655/227876/1306542/201/vast.xml?tg_c.language=en&width=672&height=378&gdpr=1&gdpr_consent=&rp_schain=1.0,1!mgid.com,9655,1,,,
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 414a7272bd807f38f4747ff40cc18e65d3a04a69a2f78dd15c09fe34e3b14a87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://www.sgtreport.com
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 940
Expires: Sun, 20 Feb 2022 01:14:32 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.sgtreport.com&rs=www.sgtreport.com&sid=58708&t=1645319671&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1645319671538-985795327254-009136-015-009016&cha=0.05&stagid=&stplid=&d35=&d36=6.1.5&cb=46385456423&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&d9=1000&d37=realtime&AV_WIDTH=672&AV_HEIGHT=378&nid=5ac2203f073ef46a6856c7b0&ncid=5f77212252e5813080721d0e&e=request&cb=1645319671608&asid=601bcb7f38194560ee6146a4%2C601bcb7d1a9b5e6f8b55a8b6%2C5f771d077bfaa61297700fd1%2C5fbfdabb298a037a9f01af1b&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Requested by: Host: www.sgtreport.com
URL: https://www.sgtreport.com/2019/10/deep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 x Show response
api-3-122-254-151.b2c.com/api/ Frame 9A33 0
278 B 137ms
137ms XHR
text/plain 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-3-122-254-151.b2c.com/api/x?AAppOZbRMfvsNzrG$aGNhcHRjaGEkMTYzMSRQMF9leUowZVhBaU9pSktWMVFpTENKaGJHY2lPaUpJVXpJMU5pSjkuZXlKd1lYTnphMlY1SWpvaVMyeDFiMUFyVldob04yZHVWM0pDYTFsQlZWUkpTbXc0VjB4R0wybHFWa1kzTXpWaFVqUndURk4xU0hkTmIwVjRjVEJoTTI1cVF6ZFRSakV5VWxGTWVuWkhaMWhGVjNCcGVtSlphbUZIZEZoNWRHVnFVUzlFVkdSVFpEVjBiRzFVYm01RE9FODVVV016VTBONll6TnhiREJWYjNkeGRVUm5Wa1ZSWWs5MGRUTXJNemhSVWpSSVpIQXdhREZ2YjFFd1VEVTBZMjU1ZVVkWU9IaG5SMk5tV1ZOYVowWmhZbmhDVlhwMGRqRmljMmhKVlRaeVVWVlJWbmRDTWk5UmJrRklSVWt3TkV0MVYyWkpTRVIwV25oVVEyOHhaSEpoUVU5U2NrTlVObk16TUZGc2FtRTNVMWg0Wm1kQ09YUXlaamhQWm1wQmMwaElZV1ZqVG5WM1VUVXJiRGRyVVhwYU5tZE5URFoyZVc1VU5WVnNiWEJDVURScWFURmpLMWRZTDBNNFpVeHBhWEZUYkRWaGEyUnBTVXQ2ZFZaV09YSldRWGhqUWk5UlNFSkhVMWhGTmtZdlJGbEtNSEpEWTFCTlFraFphWEJQU25sV09WVktRVGxWUmtZNVdVRklZMU5EZFU5VU5XaG9hbEE1VHpCSVUyMVhSMDVQTWxwSlIzZFJVblZSYW0xV0szSkpNRFZPVEROUlkzcEZhMUJVY1ZONFJFNTVXVlZCUzFBM1FtZEJiVUYyVUhBelJpdHJha3hVTlVWU1puaGhORTlQVVhNdlZIWndhVU5qUlRjM1VtSjRRbU0xYUVKc2VTdFJUeTlOUlZwUE9VVXpiSEpDU21GUGVsQktLemx0V21kS1Z6ZDNZVTF0VlRKd1ZEWlRWVmRIUkV0M1JreFVhU3R6YzBoTFVrTm9aa2hYZUZwTlZFNWFlRzA1YkRob09XcFFSakZ3VmtWeFJWRnJXa1l3Uld4VFQzQXlVRlZpZEhORWRsVnhRVXB6SzJSc1pIWm1MMkpTVG5SQ01VRkxaa1JJVUZoaE9WaHFTa2gyUm5ZMFZYWlVNVUphZVdOUFlrOWFTV0ZTVGt0b2VWaDRLekl6VFhSaFEwbzJibk5yZVc1MVZGcE5UVzV2YldoUGNXRlNlR2Q0UjJ4c1VFTkhXbUV6ZUZCUVNYQkdPR3R4TW1ZMFNGWXdiRGxSYTJ3M1MyUlhibGd3ZFZKdU1GVjJRMDlyTVdRNVkxUlJhVkZYV1dvelEyVktlVzVHWW13eFMycHBWMDluV1ZOdWRWVnJWRTlIVldGdk5saENPV041UTFGMWNsazVjVTVSVVZOR1dERlpRVzl6VUVSVVVsSnhXRmhLYlV4bFdYVnRUeXMyU0VwVVoxQklNMWt2VkhKRWJWaHBWa1J5T0RCWFZHZzBkRzVxVUdNck9EbGpaMk4yVm5wSGMyazRjMGhCVG1Ga2FFeElWMUZMYkVRdk0yRTNTa0ZVYVZab1IyTnVaRVp5WjNKaFMxSTFSelJJWkROSGFFZHdUMXA0VlhvclRFVmxia1pKVERNME4yZGpkVUZWWkU5bE16UktaVE5oWm5FcmFtSlJSMjlDVFdNclQwNXpXVVZUVm1kM00ycHdaMnBCYjNrclJURkpia3g2VHpGYVltTk5hMmtyTWtOQ1lVMVdNemQ0YW5Sb05VZFllVmhYT0cxUmJqZEViblZ5WjA5MmNsWlhNV2RzV0ZvMWMwdHBaRm96TDJNMVVVY3haM2xYYjI1clVtaFRjRmxNWjBaNVRGY3JiV3BKU25KWWRYZ3lUMmRoYlc1SGIwY3ZZMDR6VTB0TEwyZGlNM2R3UWxCaFdsTjZPQ3RwUVM5RlZqQkRhaTluTjJ0dE1sTXlhRlYzY0M5NGEyTm5lVUphUWpoMk5UbEZkVUpUUVVweGRWZzVUa053VXpJMldHc3lUbEpNZVZFeFVrMVlMM2RCYW5WYWNHRkVZMjVJUjJkT1NYbEpZM2h1VFd0dVZEVm1NR0o1U1hkYVpVbHVTREU1SzNKQlpEUTVObEJZUnpZd1JWUlJTVmhRZHpVelpuQjFMMjFuY1RjclpXUXlabEozV0VwRE9Vd3hlVTVDUWt4SGJIVXZhMHBEVWpFeFpXaHdURGhxZVVOMVlqTTNOMVZSUkVGTFRuSmpXbU13V2xwcVRIaDZVVkJFUTJsR2NtZzFLMlpKYVVKUGFFSkxORVJ0TkdkbmIxVmhSVU5OY1hBM2VtVllWSEE0UVZadlVHOXJaMEpNUVhwNmNsTlhTVFJNUkRsWlNWbEZia2g0T0hFMVQxTkxPR3RhTWxNMlRXVkJNV0poTkZCUk0zSmpPVWw1TTFCYVFtcGxSWFZrWmtWWVpEVnNhaXRKVTFsWk5uVlhUbkZzZEZWa2MwRjBNV2xZWjNWWUswdFJMM3BVY2tzMWIyRTJaRWx4TVVsU1NGazRWMk1yYUVaRE9XRjFNR3NyWTNodmRXUjVXWEFyTTFGSlVFczVUV1ZFYUVGMWNqRjJORWRwVUcweGQzaFFiVTB6TTBrMVNYTmhXVVEyTkZwbVZYRkVSbUk0VjFSUWFtRm5WVzF1VldZM05HMVpOR1ZUUVVWR05XbE5WRmd2YmpOWlozbGFVMnAwUmtOUlZuSnhOM1ExY1ZCVlNGcFNWVWRxVGt0TU1YWlFPRUZPWVRCbk0wcFZNRUVyVkRSaFNrRTNiVFpzUkhGM1VraDRPR3gxTmxsS1NqRnpXSEpYWVcxdE5rbFBkRWhZTTJaeE9FZ3piemsyVFdsb2FVeHVTbmxEWldaRWQwcENjM2RyWVRKRlQzTkNWRTlYUkM4eVdVaDVWR2h3YkdKUFpWRjVkR2N4WkhKMFEydFRlazQyYTNoMWVEbE5URXgxVld0T2VYUlBMMGhyZFZObFNGQXJNMjlwU20weFRHMW9RalZrVVdWNU5FdHJOWGR6UmpCQ2JGTjFTVTVPY1Rka2VqZHpSa2xxUlZCdWJteE9ia3BqU2xkWU5XSnJWVTFwYkc4dlZHNXlOVmt5Um5wT1VXZGhVVzlhU0hwUVVEa3JWbk5YYW5oMlNrNDBjWFZuWkZSelltVlpaall4T1N0R1FYUlhhMGhxTTJWMU1TOUNaVmMyWm1OeVNuaHlkV1EzVjBSR2FFdDRPV1psWnpJM1Z6WlBVRUpyYUZOaU0wWXpZblYzYWxGa2VXaHhNakZSYm1FMEswbGhOVnB2VGk5NFdXOGlMQ0psZUhBaU9qRTJORFV6TVRrM09URXNJbk5vWVhKa1gybGtJam8xTXpVM05qVTFPU3dpY0dRaU9qQjkuV3lNTEVsU2N3eDRVdHh5VkstRUVmOE1vU3I0cW9GY1RZc2xGdUpmZWVKYw~~
Requested by: Host: api-3-122-254-151.b2c.com
URL: https://api-3-122-254-151.b2c.com/s/pp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lb8ofv6ZsWLAUzUkago7XXbVMVrUhdJwJHvZi2g5DsBargU4OFjLDd54liQMnBbZa0O9G1dQTAnuoIxpx2ocFg0pxnzF1aJRl9L8COwQkT1LvX%2Bx%2FvTIVAfhlbzHTIgjG22RWeuy3FSC7%2BKTZOuRYUG2HqzeNIo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e03e0ebbfb5839c-MXP

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 80ms
38ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b910b92a2bd2428007cf9958968c7a373cb0c4e756896ab6597f7749ca013611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9787
x-xss-protection: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A9B1 281 B
554 B 95ms
13ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4C94 52 KB
17 KB 23ms
23ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000633
X-Timer: S1645319672.042756,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 30EE 0
91 B 55ms
31ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 96B0 658 B
837 B 63ms
62ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 92297939e3b427883fc31224fad7c981ad78e760c7e937e0be2bbe8a2f22a603

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8010 281 B
554 B 90ms
13ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 98DB 0
80 B 51ms
33ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0BF1 52 KB
17 KB 24ms
23ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999649
X-Timer: S1645319672.051229,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame C06E 0
159 B 64ms
63ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F059 52 KB
17 KB 40ms
25ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000634
X-Timer: S1645319672.068252,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6C5A 281 B
554 B 84ms
12ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame E47D 0
80 B 46ms
32ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 626B 0
159 B 64ms
64ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 59AA 0
159 B 66ms
66ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 12E8 281 B
554 B 82ms
13ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 8E29 0
80 B 43ms
32ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B609 52 KB
17 KB 44ms
22ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999650
X-Timer: S1645319672.081140,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3BCD 281 B
554 B 79ms
13ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 9668 0
80 B 45ms
37ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F03C 52 KB
17 KB 58ms
20ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000635
X-Timer: S1645319672.096038,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 31DC 0
159 B 61ms
61ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4C94 0
731 B 29ms
29ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c881936a-b2ab-49c1-8054-9899983c231a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0BF1 0
731 B 27ms
26ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5a31cac2-2176-4087-9193-0dd6863a858b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:14:32 GMT

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame CDB4 0
35 B 16ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1C50 52 KB
17 KB 6ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000637
X-Timer: S1645319672.154285,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame F938 0
159 B 48ms
48ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 118E 281 B
554 B 7ms
7ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 420D 52 KB
17 KB 6ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999651
X-Timer: S1645319672.158386,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4339 281 B
554 B 7ms
6ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame BFED 0
159 B 50ms
50ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 505D 0
35 B 16ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame FF83 0
35 B 16ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F91C 52 KB
17 KB 6ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999652
X-Timer: S1645319672.182771,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 4896 0
159 B 48ms
48ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7B5D 281 B
554 B 7ms
6ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F059 0
731 B 13ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f8b91237-65a6-4699-9fa9-3410e7d5fa41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7AE8 52 KB
17 KB 6ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999653
X-Timer: S1645319672.202019,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 65D5 281 B
554 B 7ms
7ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame B8A9 0
35 B 17ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 4405 0
159 B 51ms
51ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 96B0
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
https://x.bidswitch.net/sync?dsp_id=59&user_id=950cad3b-643f-45ed-be88-8b8e36ea727e&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa

68 B
607 B

51ms
49ms

Image
image/png

188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa
Date: Sun, 20 Feb 2022 01:14:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 96B0
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5IjVGDl2bZT.AikABlF_FLHSbQ

68 B
607 B

58ms
57ms

Image
image/png

188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5IjVGDl2bZT.AikABlF_FLHSbQ
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:32 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f5-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5IjVGDl2bZT.AikABlF_FLHSbQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 96B0
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=8c728ad2-e5ac-5133-b33b-bae1d12a2f15
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj4q8aQBlIFvp7KygpiJDhjNzI4YWQyLWU1YWMtNTEzMy1iMzNiLWJhZTFkMTJhMmYxNQ**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj4q8aQBlIFvp7KygpiJDhjNzI4YWQyLWU1YWMtNTEzMy1iMzNiLWJhZTFkMTJhMmYxNaIBEHW-LRaR6hHshuAAJZDAZHw*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABj4q8aQBmIkOGM3MjhhZDItZTVhYy01MTMzLWIzM2ItYmFlMWQxMmEyZjE1ogEQdb4tFpHqEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARj4q8aQBmIkOGM3MjhhZDItZTVhYy01MTMzLWIzM2ItYmFlMWQxMmEyZjE1ogEQdb4tFpHqEeyG4AAlkMBkfA**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=75be2d16-91ea-11ec-86e0-002590c0647c

68 B
607 B

51ms
51ms

Image
image/png

188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=75be2d16-91ea-11ec-86e0-002590c0647c
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=75be2d16-91ea-11ec-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 96B0 0
277 B 137ms
15ms Image
text/plain 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 20 Feb 2022 01:14:32 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B609 0
731 B 13ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fde91f86-1871-48c4-987a-fe5e6fade2be
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 11AA 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Feb 2022 00:01:50 GMT
expires: Mon, 20 Feb 2023 00:01:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C606 783 B
535 B 41ms
19ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff4d148696c147127068097fd7756adc8a0283d670a94d87c6941f212fa415d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9QEfhJOq//PYWRCnSJkPkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 20 Feb 2022 01:14:32 GMT
date: Sun, 20 Feb 2022 01:14:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9QEfhJOq//PYWRCnSJkPkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame D2A3 4 KB
1 KB 277ms
64ms Document
text/html 151.236.65.12
CDNVIDEO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8c728ad2-e5ac-5133-b33b-bae1d12a2f15&CACHEBUSTER=671996
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.65.12 Moscow, Russian Federation, ASN57363 (CDNVIDEO-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame D07E 0
159 B 51ms
49ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 54CE 0
35 B 19ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9F03 281 B
554 B 8ms
7ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F2B9 52 KB
17 KB 6ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76265
X-Served-By: cache-lga21975-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 999654
X-Timer: S1645319672.382561,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6C5A 33 KB
10 KB 9ms
8ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3BCD 33 KB
10 KB 9ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 19EE 0
35 B 18ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C723 281 B
554 B 7ms
7ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2C9E 52 KB
17 KB 9ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000639
X-Timer: S1645319672.386070,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame D3B6 0
159 B 51ms
48ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8010 33 KB
10 KB 8ms
7ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 19AF 0
159 B 51ms
49ms Document
text/html 188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 90CA 281 B
554 B 9ms
8ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9CC8 52 KB
17 KB 8ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Feb 2022 04:03:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 20 Feb 2022 01:14:32 GMT
Age: 76264
X-Served-By: cache-lga21975-LGA, cache-hhn4052-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1000416
X-Timer: S1645319672.388368,VS0,VE0
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 2902 0
35 B 17ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid_v4_38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kloperd.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Sun, 20 Feb 2022 01:14:32 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 12E8 33 KB
10 KB 9ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A9B1 33 KB
10 KB 9ms
8ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F03C 0
731 B 14ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dfea3927-1c8e-452e-9332-92038d625db7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
101ms Image
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.sgtreport.com&rs=www.sgtreport.com&sid=58708&t=1645319671&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1645319671538-985795327254-009136-015-009016&cha=0.05&stagid=&stplid=&d35=&d36=6.1.5&cb=46385456423&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&d9=1000&d37=realtime&AV_WIDTH=672&AV_HEIGHT=378&nid=5ac2203f073ef46a6856c7b0&ncid=5f77212252e5813080721d0e&e=bid&cb=1645319672314&asid=601bcb7f38194560ee6146a4%2C601bcb7d1a9b5e6f8b55a8b6%2C5f771d077bfaa61297700fd1%2C5fbfdabb298a037a9f01af1b&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 118E 33 KB
10 KB 9ms
8ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4339 33 KB
10 KB 9ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7B5D 33 KB
10 KB 9ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK bridge-31042.js Show response
video-ads.rubiconproject.com/video/ Frame 01DB 65 KB
20 KB 9ms
9ms Script
application/javascript 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Nov 2021 09:48:04 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "103d9-5d185c1183d00-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 20289

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C50 0
731 B 17ms
15ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 47713cbb-f63c-42e0-98fd-72168ea6e1c2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 420D 0
731 B 16ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2d2a9d17-009e-4a2c-b08d-05a87bb9b786
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F91C 0
731 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6a104867-ec17-402b-b11a-608c9cecb6d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2688 366 KB
122 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65d70424eb7b0fe1d3fefe328ee059a245e27b6c3529f3e06d55e5cdb6c0e6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124137
x-xss-protection: 0
expires: Sun, 20 Feb 2022 01:14:32 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 65D5 33 KB
10 KB 9ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7AE8 0
731 B 14ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 276e5dcc-5262-4d90-b1d4-716daf068013
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9F03 33 KB
10 KB 10ms
10ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C723 33 KB
10 KB 11ms
11ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 90CA 33 KB
10 KB 9ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63386
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F2B9 0
731 B 33ms
32ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f7808588-2376-4758-a936-6c03962aa5fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2C9E 0
731 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 75391353-6785-43a2-8f81-ad84356466f0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9CC8 0
731 B 14ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:32 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e735a367-b28d-4cf3-9956-3f32d85719da
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 bridge3.501.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 87D9 588 KB
191 KB 22ms
6ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcb43edde19e9c27b72b5cd1cd912e10e313b7fff62fc4cd609c48ba3b4ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195594
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Feb 2022 03:54:54 GMT
expires: Thu, 16 Feb 2023 03:54:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Feb 2022 03:50:02 GMT
content-type: text/html
age: 335978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 2688 44 KB
17 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Feb 2022 01:14:32 GMT

GET
H3 200 bridge3.501.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 275A 588 KB
191 KB 11ms
9ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcb43edde19e9c27b72b5cd1cd912e10e313b7fff62fc4cd609c48ba3b4ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195594
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Feb 2022 03:54:54 GMT
expires: Thu, 16 Feb 2023 03:54:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Feb 2022 03:50:02 GMT
content-type: text/html
age: 335978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.501.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8A62 588 KB
191 KB 17ms
17ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcb43edde19e9c27b72b5cd1cd912e10e313b7fff62fc4cd609c48ba3b4ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195594
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Feb 2022 03:54:54 GMT
expires: Thu, 16 Feb 2023 03:54:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Feb 2022 03:50:02 GMT
content-type: text/html
age: 335978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2688 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sgtreport.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 6C5A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZUKULEW-1K-O94&sigv=1&esig=2~97039b3163b4f95948616220add377b2367aa30d

0
194 B

75ms
24ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZUKULEW-1K-O94&sigv=1&esig=2~97039b3163b4f95948616220add377b2367aa30d

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZUKULEW-1K-O94&sigv=1&esig=2~97039b3163b4f95948616220add377b2367aa30d
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 6C5A 0
0 70ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6C5A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=11d16211-95f8-4700-a2dd-ec029de0bc7f

0
239 B

36ms
11ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=11d16211-95f8-4700-a2dd-ec029de0bc7f
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Sun, 20 Feb 2022 01:14:32 GMT
Server: MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=11d16211-95f8-4700-a2dd-ec029de0bc7f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Feb 2022 01:14:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C5A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjVlMWNiODk2YzUxOTA5ZTZjNmM1MTIxYzJmOWI3OTAyNDAwZWIwYw

170 B
188 B

32ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjVlMWNiODk2YzUxOTA5ZTZjNmM1MTIxYzJmOWI3OTAyNDAwZWIwYw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjVlMWNiODk2YzUxOTA5ZTZjNmM1MTIxYzJmOWI3OTAyNDAwZWIwYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6C5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFEE9Zr92N2LWf2UycbsSWE&google_cver=1

0
239 B

35ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFEE9Zr92N2LWf2UycbsSWE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFEE9Zr92N2LWf2UycbsSWE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C5A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pVS1VMRVctMUstTzk0

170 B
188 B

34ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pVS1VMRVctMUstTzk0

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pVS1VMRVctMUstTzk0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6C5A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/k0Sdw--nyBL9a8FTJqyebQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=234659237585140471

0
239 B

20ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=234659237585140471
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Sun, 20 Feb 2022 01:14:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=234659237585140471
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 6C5A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZUKULEW-1K-O94

0
705 B

175ms
157ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZUKULEW-1K-O94
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 114FE8AC38EC4157AD579ED993D8C4A7 Ref B: FRAEDGE1416 Ref C: 2022-02-20T01:14:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXYaNakUccMyepkFHvDXA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=KZUKULEW-1K-O94
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C606 0
0 30ms
30ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021602&jk=787064574318816&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame 01DB 28 B
393 B 240ms
49ms XHR
application/xml 18.195.10.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=&account_id=9655&site_id=227876&zone_id=1306542&size_id=201&tg_c.language=en&width=672&height=378&rp_schain=1.0,1!mgid.com,9655,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=672&p_aso.video.ext.ad.h=378&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=9473890406757626&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.10.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-10-145.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:32 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0ACC 37 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:51:15 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 961E 37 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:51:15 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5B56 37 KB
13 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:51:15 GMT

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 11AA 35 KB
13 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 23:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 23:20:39 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame D2A3
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://px.adhigh.net/p/cm/bsw?u=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa&bidswitch_ssp_id=between
https://x.bidswitch.net/sync?dsp_id=9&user_id=5IjVGDl2bZT.AikABlF_FLHSbQ&expires=30&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa

68 B
607 B

52ms
51ms

Image
image/png

188.42.29.168
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa
Protocol: H2
Server: 188.42.29.168 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa
Date: Sun, 20 Feb 2022 01:14:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 11AA 0
9 B 10ms
9ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Tua-0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 87D9 156 B
185 B 105ms
104ms XHR
text/xml 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_sgtreport.com_video2&description_url=https%3A%2F%2Fsgtreport.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2111601143083259&sdkv=h.3.501.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1682379125&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.501.0&sid=76C1888E-9126-4686-BFE0-BCD8EC02A935&nel=0&eid=44726389&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&dt=1645319673041&cookie=ID%3Db37c2792741089ae%3AT%3D1645319667%3AS%3DALNI_MaTRYxiYITCm3uAxnCH5Lztg3_99g&scor=2409132749578786&ged=ve4_td2_tt0_pd2_la2000_er6291.324.6443.624_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 275A 156 B
185 B 100ms
96ms XHR
text/xml 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_sgtreport.com_video&description_url=https%3A%2F%2Fsgtreport.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=130352939150726&sdkv=h.3.501.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2177770141&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.501.0&sid=76C1888E-9126-4686-BFE0-BCD8EC02A935&nel=0&eid=44726389&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&dt=1645319673051&cookie=ID%3Db37c2792741089ae%3AT%3D1645319667%3AS%3DALNI_MaTRYxiYITCm3uAxnCH5Lztg3_99g&scor=2971226548887449&ged=ve4_td2_tt0_pd2_la2000_er6291.324.6443.624_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8A62 156 B
377 B 38ms
37ms XHR
text/xml 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21750935102%2Fmirs_li%2Fsgtreport.com&description_url=https%3A%2F%2Fwww.sgtreport.com&env=vp&correlator=4359299210724349&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480&unviewed_position_start=1&sdkv=h.3.501.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1315973033&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.501.0&sid=76C1888E-9126-4686-BFE0-BCD8EC02A935&nel=0&eid=44726389&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&dt=1645319673060&cookie=ID%3Db37c2792741089ae%3AT%3D1645319667%3AS%3DALNI_MaTRYxiYITCm3uAxnCH5Lztg3_99g&scor=734695865790792&ged=ve4_td2_tt0_pd2_la2000_er6291.324.6443.624_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4C94 0
731 B 15ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 86ee2ae5-c8fe-4a7f-87d3-b8a87cf16c02
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame D2A3
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=75be2d16-91ea-11ec-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=75be2d16-91ea-11ec-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=3XENc0JLm8QSzWOO5KbfkA&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=3XENc0JLm8QSzWOO5KbfkA&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=3XENc0JLm8QSzWOO5KbfkA&extra2=aidata&google_gid=CAESEC5oxru9BfJ_J2h2R5ighTA&google_cver=1

43 B
516 B

60ms
7ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=3XENc0JLm8QSzWOO5KbfkA&extra2=aidata&google_gid=CAESEC5oxru9BfJ_J2h2R5ighTA&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:33 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=3XENc0JLm8QSzWOO5KbfkA&extra2=aidata&google_gid=CAESEC5oxru9BfJ_J2h2R5ighTA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0BF1 0
731 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 429d5761-14df-439b-9a96-24478410d5f0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 206
Partial Content 9XKVqMYUAydU.mp4
zbbb278hfll091.bitchute.com/nLPcg68RnP97/ Frame CCB7 803 KB
804 KB 3990ms
3741ms Media
video/mp4 69.30.230.98
WII

General

Check archive.org

Show headers Download Go to

Full URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/9XKVqMYUAydU.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.30.230.98 , United States, ASN32097 (WII, US),
Reverse DNS: grayabbey.com
Software: /
Resource Hash: f4f970d206bf853232f1975e465bc8b8b703dff10aa8f861b24117ae312d5b9a

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=25067520-

Response headers

Date: Sun, 20 Feb 2022 01:14:36 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 25067520-25889875/25889876
Access-Control-Allow_Credentials: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 822356

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021602&jk=787064574318816&bg=!xcalxoLNAAbf-5Dq3_s7ACkAdvg8WhV4DHEtt12jXy3U-K6ucDkxenF8q9OTuHQv5NJcg3pYn8ghjwIAAAE1UgAAAAJoAQcKACPCdEkFpQNYBZ3g7dKQnNHJbSGAZkp8qceDFSm5dKNgKCCiXpkC0pUsuOtLl738Cbzy_tD3UgzkUYGy0uXI-61xSQ7_cFw3FxwCj92AXDej6s51B9oSQeIsF7hNMc84gKJ0hi4FV-jyP329x82HuHq1MPjM3JFWzNenhN7MEQz3C_5R-_ulvlwzpscF5IaqVwSvgbI_xlSoe1NxLZy-9EbZAcZPB-RnAJ2zlPBupi3OmuoguB9UC0bCFLgXI08ObzOWPR89OinuNcDhMhQTfaty2jjypBqg6Ao3q-9rssTtathRLXVtV9tGg3PLVzyRIHYjYjIuO-wHxcYZfSADEVoCO0FeTSfItJIpNuwAa03mUFihWkC8KwoEOT8QfiJVm1RDvjvU5X4tVgTVQUfhN_DP8iOgpF3l7ldpy7vtIBfAP9hAgTvu2s11FlRT9Y962Zlokd8_jJ4g7k6RYXOufLNCAGgzvGg3u7Dixuzzdzk--vXIdatqmRoo1isajxHEmtntPr5UqbOnR-GCrfCpaE0HY8QmgOd3lzj3Fr7YCLtgFuhL8haB1WVJtnSizyB_I5D6M77dCiBiswngvaERWwA4-WMgSv6pMQo1l3gNUxREJpJn-5ezAuoHMunYQFT7ngl1AUc9z-nfq3JmORi-iZrAt4sDcMlh4aE3mvvrnZGdisETyHFjL9lQV_VysXsz0Usol4Om88xaGYzqeP1J_nofO6FJexQiwcIqHVZJjD3aKgQN8s0aY7NZDYYnvJxRtWyGLfhoCEcm1Yex9kulhPNpyG8PZkxKURfLOiQpV_kA3gNJ6tldXPTbgy5k2Hvg3geN139HVfOS7SW0-HgtCl-5mwOcCB304-u6qGgFgdneiGFhGs1YYAO9JsgszUSjwlJUoLULlWOJdqGUF5v0yjKL2vRGuu-bmZQeTdlLMGMv67sbiMava7Mkp2p9jcPEVd7f8Jtaszc-bqQdpVVsemJVJZE4wjNRPEtn2JxV9QSY2uMZa209ln8J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F059 0
731 B 16ms
16ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b31d3d6d-4d12-423c-a67a-cb83d620675a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B609 0
731 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 66ac20dc-f6cd-4de0-8185-c43ce6e0ef99
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F03C 0
731 B 16ms
15ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6c354cfb-fdca-4113-9de9-5db0bb0373fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C50 0
731 B 14ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 92622f46-d435-4296-8a6e-6ed9d489ec25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 420D 0
731 B 14ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 82819836-3883-47ae-87c5-fe39eff48d6d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F91C 0
731 B 13ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1f0230ba-9b10-404b-b572-869078ca3da4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 509D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

11ms
11ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8c728ad2-e5ac-5133-b33b-bae1d12a2f15&CACHEBUSTER=671996
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Feb 2022 01:14:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
date: Sun, 20 Feb 2022 01:14:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7AE8 0
731 B 15ms
15ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a53df93d-2472-43f4-aca9-8afaf56078c3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK vast.xml Show response
video-ads.rubiconproject.com/video/9655/227876/1306542/201/ 2 KB
2 KB 12ms
11ms XHR
text/xml 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/9655/227876/1306542/201/vast.xml?tg_c.language=en&width=672&height=378&gdpr=1&gdpr_consent=&rp_schain=1.0,1!mgid.com,9655,1,,,
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash: 414a7272bd807f38f4747ff40cc18e65d3a04a69a2f78dd15c09fe34e3b14a87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/xml
Access-Control-Allow-Origin: https://www.sgtreport.com
Cache-Control: public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 940
Expires: Sun, 20 Feb 2022 01:14:33 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
104ms Image
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.sgtreport.com&rs=www.sgtreport.com&sid=58708&t=1645319671&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1645319671538-985795327254-009136-015-009016&cha=0.05&stagid=&stplid=&d35=&d36=6.1.5&cb=46385456423&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&d9=1000&d37=realtime&AV_WIDTH=672&AV_HEIGHT=378&nid=5ac2203f073ef46a6856c7b0&ncid=5f77212252e5813080721d0e&e=request&cb=1645319673500&asid=5f771d077bfaa61297700fd1%2C601bcb7d1a9b5e6f8b55a8b6%2C601bcb7f38194560ee6146a4%2C5fbfdabb298a037a9f01af1b&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 509D 33 KB
10 KB 9ms
8ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 19:52:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63385
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9760
Expires: Sun, 20 Feb 2022 18:50:58 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 113ms
113ms Image
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.sgtreport.com&rs=www.sgtreport.com&sid=58708&t=1645319671&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1645319671538-985795327254-009136-015-009016&cha=0.05&stagid=&stplid=&d35=&d36=6.1.5&cb=46385456423&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&d9=1000&d37=realtime&AV_WIDTH=672&AV_HEIGHT=378&nid=5ac2203f073ef46a6856c7b0&ncid=5f77212252e5813080721d0e&e=bid&cb=1645319673515&asid=5f771d077bfaa61297700fd1%2C601bcb7d1a9b5e6f8b55a8b6%2C601bcb7f38194560ee6146a4%2C5fbfdabb298a037a9f01af1b&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK bridge-31042.js Show response
video-ads.rubiconproject.com/video/ Frame A2A9 65 KB
20 KB 9ms
9ms Script
application/javascript 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash: 441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 01:14:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Nov 2021 09:48:04 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
ETag: "103d9-5d185c1183d00-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 20289

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F2B9 0
731 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cc96644e-c080-4b2c-b9a8-2a720eca4fe8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2C9E 0
731 B 27ms
26ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0c5cda07-36c6-4859-b48e-ccbddc353e73
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9CC8 0
731 B 14ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:33 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 620d2769-f65d-4e26-9002-911adb70ceb4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 509D 0
239 B 98ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=KZUKULEW-1K-O94
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H3 200 bridge3.501.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2032 588 KB
191 KB 7ms
7ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcb43edde19e9c27b72b5cd1cd912e10e313b7fff62fc4cd609c48ba3b4ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195594
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Feb 2022 03:54:54 GMT
expires: Thu, 16 Feb 2023 03:54:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Feb 2022 03:50:02 GMT
content-type: text/html
age: 335979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2688 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sgtreport.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Feb 2022 01:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 300ms
102ms XHR
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.sgtreport.com&rs=www.sgtreport.com&sid=58708&t=1645319671&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1645319671538-985795327254-009136-015-009016&cha=0.05&stagid=&stplid=&d35=&d36=6.1.5&cb=46385456423&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&d9=1000&d37=realtime&AV_WIDTH=672&AV_HEIGHT=378
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 bridge3.501.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 790A 588 KB
191 KB 13ms
13ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcb43edde19e9c27b72b5cd1cd912e10e313b7fff62fc4cd609c48ba3b4ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195594
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Feb 2022 03:54:54 GMT
expires: Thu, 16 Feb 2023 03:54:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Feb 2022 03:50:02 GMT
content-type: text/html
age: 335979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.501.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5F3F 588 KB
191 KB 17ms
17ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcb43edde19e9c27b72b5cd1cd912e10e313b7fff62fc4cd609c48ba3b4ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 195594
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Feb 2022 03:54:54 GMT
expires: Thu, 16 Feb 2023 03:54:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 16 Feb 2022 03:50:02 GMT
content-type: text/html
age: 335979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5482 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:51:15 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EEB9 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:51:15 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 29FC 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 00:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 20 Feb 2022 01:51:15 GMT

GET
H2

200

671996
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame D2A3
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/671996
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/671996

43 B
297 B

53ms
52ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/671996
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.15/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:33 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.15/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:33 GMT
server: ms-counter-3.2.15/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/671996
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ Frame A2A9 28 B
392 B 51ms
51ms XHR
application/xml 18.195.10.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?gdpr=1&gdpr_consent=&account_id=9655&site_id=227876&zone_id=1306542&size_id=201&tg_c.language=en&width=672&height=378&rp_schain=1.0,1!mgid.com,9655,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=672&p_aso.video.ext.ad.h=378&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=8196420451166222&rp_secure=1
Requested by: Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31042.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.10.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-10-145.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:33 GMT
server: nginx/1.16.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.sgtreport.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2032 156 B
142 B 91ms
90ms XHR
text/xml 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_sgtreport.com_video2&description_url=https%3A%2F%2Fsgtreport.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2461816033376660&sdkv=h.3.501.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3498192078&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.501.0&sid=76C1888E-9126-4686-BFE0-BCD8EC02A935&nel=0&eid=44726389&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&dt=1645319673880&cookie=ID%3Db37c2792741089ae%3AT%3D1645319667%3AS%3DALNI_MaTRYxiYITCm3uAxnCH5Lztg3_99g&scor=4013561291008073&ged=ve4_td3_tt1_pd3_la3000_er6291.324.6443.624_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 790A 156 B
142 B 95ms
95ms XHR
text/xml 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F43356090%2Fca-video-pub-9597688850300628-tag%2Fmg_sgtreport.com_video&description_url=https%3A%2F%2Fsgtreport.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2649901142823732&sdkv=h.3.501.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3557450663&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.501.0&sid=76C1888E-9126-4686-BFE0-BCD8EC02A935&nel=0&eid=44726389&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&dt=1645319673885&cookie=ID%3Db37c2792741089ae%3AT%3D1645319667%3AS%3DALNI_MaTRYxiYITCm3uAxnCH5Lztg3_99g&scor=2869529977367744&ged=ve4_td3_tt1_pd3_la3000_er6291.324.6443.624_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5F3F 156 B
142 B 46ms
46ms XHR
text/xml 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21750935102%2Fmirs_li%2Fsgtreport.com&description_url=https%3A%2F%2Fwww.sgtreport.com&env=vp&correlator=364074869467307&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480&unviewed_position_start=1&sdkv=h.3.501.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=18947036&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.501.0&sid=76C1888E-9126-4686-BFE0-BCD8EC02A935&nel=0&eid=44726389&url=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&dt=1645319673889&cookie=ID%3Db37c2792741089ae%3AT%3D1645319667%3AS%3DALNI_MaTRYxiYITCm3uAxnCH5Lztg3_99g&scor=3439325039173250&ged=ve4_td3_tt1_pd3_la3000_er6291.324.6443.624_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.501.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

user-sync
cpm.convergeselect.net/ Frame D2A3
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=8c728ad2-e5ac-5133-b33b-bae1d12a2f15&expires=60
https://cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa

42 B
228 B

77ms
20ms

Image
image/gif

77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa
Protocol: HTTP/1.1
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Feb 2022 01:14:34 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: close
Content-Length: 42

Redirect headers

Location: //cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa
Date: Sun, 20 Feb 2022 01:14:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7291 2 KB
814 B 63ms
19ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8c728ad2-e5ac-5133-b33b-bae1d12a2f15&CACHEBUSTER=671996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

8c728ad2-e5ac-5133-b33b-bae1d12a2f15
an.yandex.ru/mapuid/betweendigitalis/ Frame D2A3
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8c728ad2-e5ac-5133-b33b-bae1d12a2f15
https://an.yandex.ru/mapuid/betweendigitalis/8c728ad2-e5ac-5133-b33b-bae1d12a2f15
https://an.yandex.ru/mapuid/betweendigitalis/8c728ad2-e5ac-5133-b33b-bae1d12a2f15?redir-setuniq=1

43 B
108 B

42ms
42ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/8c728ad2-e5ac-5133-b33b-bae1d12a2f15?redir-setuniq=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:34 GMT
content-encoding: gzip
last-modified: Sun, 20 Feb 2022 01:14:34 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 20 Feb 2022 01:14:34 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:34 GMT
content-encoding: gzip
last-modified: Sun, 20 Feb 2022 01:14:34 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/betweendigitalis/8c728ad2-e5ac-5133-b33b-bae1d12a2f15?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 20 Feb 2022 01:14:34 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 104ms
103ms XHR
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.sgtreport.com&rs=www.sgtreport.com&sid=58708&t=1645319671&cip=217.64.151.29&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1645319671538-985795327254-009136-015-009016&cha=0.05&stagid=&stplid=&d35=&d36=6.1.5&cb=46385456423&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&d9=1000&d37=realtime&AV_WIDTH=672&AV_HEIGHT=378
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sgtreport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 01:14:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 /
c.mgid.com/vs/ 43 B
361 B 112ms
111ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/vs/?tid=3191&iid=372834&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22748d7fae-91ea-11ec-bf14-e43d1a2a53a0%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=36250&h=DxUo0TZtMsA8btWeqVQmbeMMJiPzhK-Q-HoDiZ2LyyLiehR3idDNPGJhGXOPPMKX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e03e0fc5b735b98-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
103ms Image
text/plain 54.162.74.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.sgtreport.com&sn=&cd1=desktop&cd2=0&cd3=native&cd4=372834&cd6=11&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.1.5&apppkg=&fv=3&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=5f77212252e5813080721d0e&stagid=&stplid=&e=AV_M8&prbdres=errorlimit&cb=1645319674291
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.74.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-74-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 01:14:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame D2A3 0
410 B 185ms
24ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=8c728ad2-e5ac-5133-b33b-bae1d12a2f15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:34 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=0&tk=1&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-f%2BooYX5EcAEJWg%3D%3D&sc=1&os=1-8Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=180&w=207&fy=1103&gp=7861.5&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.sgtreport.com%2F2019%2F10%2Fdeep-state-in-total-panic-as-durhams-investigation-confirmed-to-have-transitioned-to-criminal-phase-indictments-imminent%2F&id=1&ii=4&f=0&j=&t=1645319668778&de=926228728797&cu=1645319668778&m=5898&ar=944fd8091a1-clean&iw=0f4cc90&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=7861.5&lb=9550&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1284%3A1284%3A6370%3A1322&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=3%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5141&cd=21&ah=5141&am=21&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144842%3A167396%3A6856213%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=1282293486&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sgtreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 01:14:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 20 Feb 2022 01:14:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: video-native.mgid.com
URL: https://video-native.mgid.com/XHcEUCFl-720.jpg

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sgtreport.com/	1970-01-20 18:33:11	Name: _ga Value: GA1.2.498148452.1645319667
.sgtreport.com/	1970-01-20 01:03:26	Name: _gid Value: GA1.2.310160179.1645319667
www.sgtreport.com/	1970-01-20 01:45:11	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mgid.com/	1970-01-20 01:02:01	Name: __cf_bm Value: fUycYzBWuPHh883g6i1qEdl83MxaYNVtMEKJUzqpVyg-1645319667-0-AWRtgFnEnSAOl91pg7+osMomwry7Yr/rNoyNUHcsf30DtuwZuxD5BgxaledEH4Nk1KyQVW07B+klngk3o0l4MqA=
.sgtreport.com/	1970-01-20 05:21:11	Name: _pubcid Value: ba06b099-7cda-47e9-aff7-ff1e7fc5a1cb
.sgtreport.com/	1970-01-20 01:01:59	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 10:23:35	Name: IDE Value: AHWqTUlzmYXWcsFSHxkfT8hniGMVLIoOz06BcBZA4lTe5_x0PawwMN613fv_9Yq-MI4
.zergnet.com/	1970-01-20 01:12:04	Name: seen_crc Value: %5B3811411856%2C544416794%2C4001831654%2C3027982558%2C4232543185%2C3382354613%5D
www.sgtreport.com/	1970-01-20 10:23:35	Name: cto_bidid Value: RFYbH19xZkFRRENYMW90UkV2T3VOTmZmWnYwSmsyTCUyQkhhZXBHbVZ2ajRBOGVGSk5tVUVMRWxGcllhSEpKTUxiZVNGalpiRUFmbHRSTUhmZUx1WFNQWmRQMzhnJTNEJTNE
www.sgtreport.com/	1970-01-20 10:23:35	Name: cto_bundle Value: mueJa185dUw0cHRvcmElMkZUdmRjdTFCTmRQOXBzNTdIJTJCNWg2ODZuMWlUOEF6dmZIM3VkS1FkWWJXNllGYlNPNHRybnpISWpKUVlRVjZtUUY5R3VCMmtOblU4RDRhd2s2MmElMkY1R3ZRVnZwZGQwczRiS0pqVjFuR0V6ZXQ3WmRHWGhWMnludg
.sgtreport.com/	1970-01-20 10:23:35	Name: __gads Value: ID=b37c2792741089ae:T=1645319667:S=ALNI_MaTRYxiYITCm3uAxnCH5Lztg3_99g
.rubiconproject.com/	1970-01-20 09:47:35	Name: khaos Value: KZUKULEW-1K-O94
.rubiconproject.com/	1970-01-20 09:47:35	Name: audit Value: 1\|hLZGFuTafB2w8V5eP1gt/CAkF7RiBdb4AgvEG2sPPZq/zJBpTbUTS35/puHewG2Au2GBLneThy+lrdMQUyp0weCAnekPgJibaVlRwbFEgPfQD5U7tEfUTQ==
.betweendigital.com/	1970-01-20 09:47:35	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 09:47:35	Name: ss Value: 1
.betweendigital.com/	1970-01-20 09:47:35	Name: unm Value: 1
.betweendigital.com/	1970-01-20 09:47:35	Name: tuuid Value: 8c728ad2-e5ac-5133-b33b-bae1d12a2f15
.adnxs.com/	1970-01-20 03:11:35	Name: icu Value: ChgI95t6EAoYAyADKAMw9avGkAY4A0ADSAMQ9avGkAYYAg..
.adnxs.com/	1970-01-20 03:11:35	Name: uuid2 Value: 1493518858183829192
www.sgtreport.com/	1970-01-20 01:02:03	Name: _lr_retry_request Value: true
www.sgtreport.com/	1970-01-20 01:45:11	Name: _lr_env_src_ats Value: false
.bitchute.com/	1970-01-20 01:02:01	Name: __cf_bm Value: nSHVz2FN9G0l3KJQRvuSeZkuoaJYgvEDFwpJhMwsX.c-1645319669-0-Adxtj9aWFbaUrBMaJuC1Hc9NcdrrVG//M0zQ2zCaJxZzgQwR5cCYAD9AWT7GIc7Wgm7eRgdP7RDh6j6prRmJzyMvdrb92CUEoh965GqCjAKNFtjbP1DjCGBqGRRKKbh5SQ==
.adsrvr.org/	1970-01-20 09:47:35	Name: TDID Value: 9b9b8a47-84ae-4c49-aa1e-1a48cd14f61e
www.sgtreport.com/	1970-01-20 02:28:23	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%229b9b8a47-84ae-4c49-aa1e-1a48cd14f61e%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-20T01%3A14%3A29%22%7D
.sgtreport.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1645406069627
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m1jut79OpEeh
servicer.mgid.com/	1970-01-20 01:02:00	Name: __mglb Value: ed02bb11b748a9279413c1eb8e47c448
.criteo.com/	1970-01-20 10:23:35	Name: uid Value: 67ed38d1-0dbe-4afd-b2a1-c6a924e0b7d0
www.sgtreport.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C372839%22%3A%7B%22page%22%3A1%2C%22time%22%3A1645319670660%7D%2C%22C372834%22%3A%7B%22page%22%3A1%2C%22time%22%3A1645319670753%7D%7D
.aniview.com/	1970-01-20 01:16:23	Name: aniC Value: 1645319671538-985795327254-009136-015-009016
.bidswitch.net/	1970-01-20 09:47:35	Name: tuuid Value: a767fe5e-eb65-4cf3-8b2e-b2b4d3a488fa
.bidswitch.net/	1970-01-20 09:47:35	Name: c Value: 1645319672
.bidswitch.net/	1970-01-20 09:47:35	Name: tuuid_lu Value: 1645319672
.adhigh.net/	1970-01-20 09:47:35	Name: gi_u Value: 5IjVGDl2bZT.AikABlF_FLHSbQ
ads.avct.cloud/	1970-01-20 09:47:35	Name: uuid Value: 950cad3b-643f-45ed-be88-8b8e36ea727e
.adsniper.ru/	1970-01-27 08:13:59	Name: uuid3 Value: IiQ3NWJlMmQxNi05MWVhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.adhigh.net/	1970-01-20 09:47:35	Name: btw_sync Value: j50
.bumlam.com/	1970-01-27 08:13:59	Name: suuid3 Value: IiQ3NWJlMmQxNi05MWVhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.mathtag.com/	1970-01-20 10:27:54	Name: uuid Value: 11d16211-95f8-4700-a2dd-ec029de0bc7f
.yahoo.com/	1970-01-20 09:47:57	Name: A3 Value: d=AQABBPiVEWICEKIxtL5qsTpokQIPrgZ3SgsFEgEBAQHnEmIbYgAAAAAA_eMAAA&S=AQAAArG85kBGZ0BwKvZvMmHQW_4
.adhigh.net/	1970-01-20 09:47:35	Name: bsw_sync Value: j50
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:33:53	Name: bcookie Value: "v=2&7ce89aa2-0eba-4243-8a98-b72c9c3f6143"
.linkedin.com/	1970-01-20 18:23:12	Name: li_gc Value: MTswOzE2NDUzMTk2NzI7MjswMjGEXkOXWzdzCTSVwWEdpbGp4PY55K/U16ALJivbyS56bw==
.linkedin.com/	1970-01-20 01:03:26	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2649:u=1:x=1:i=1645319672:t=1645406072:v=2:sig=AQGz5rSNsXXq_OGdf1mUiphvCtS0kF0o"
.aidata.io/	1970-01-20 18:33:11	Name: __upin Value: 3XENc0JLm8QSzWOO5KbfkA
.aidata.io/	1970-01-20 18:33:11	Name: __upints Value: 1645319673
.sniperlog.ru/	1970-01-20 13:59:35	Name: guid Value: 3C2726D0B9F955D4
.tns-counter.ru/	1970-01-20 09:47:35	Name: guid Value: EBEF6911621195F9X1645319673
.betweendigital.com/	1970-01-20 09:47:35	Name: ut Value: YhGV-gAB9-is_1gLYTGQSL-g7IycpOvNJ0r1NQ==
.yandex.ru/	1970-01-23 16:37:59	Name: yuidss Value: 4583079701645319674
.yandex.ru/	1970-01-23 16:37:59	Name: yandexuid Value: 4583079701645319674
.adx.opera.com/	1970-01-20 01:45:11	Name: UID Value: b1463f79c8c046fcbeb7fa2638398698

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://api.b2c.com/s/fpc.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api.b2c.com/s/fpc.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-54-186-85-70.b2c.com/s/pp.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-54-186-85-70.b2c.com/s/pp.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-54-202-241-254.b2c.com/s/pp.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-54-202-241-254.b2c.com/s/pp.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-3-71-7-237.b2c.com/s/pp.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-3-71-7-237.b2c.com/s/pp.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-3-122-254-151.b2c.com/s/pp.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://api-3-122-254-151.b2c.com/s/pp.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://zbbb278hfll091.bitchute.com/nLPcg68RnP97/9XKVqMYUAydU.mp4 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4089fb33ed450f4103c8fdbb7c135bf3.safeframe.googlesyndication.com
94c515aa140bb04ef17175ad694bda8e.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.doubleclick.net
adpone-d.openx.net
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
ams1-ib.adnxs.com
an.yandex.ru
ap.lijit.com
api-3-122-254-151.b2c.com
api-3-71-7-237.b2c.com
api-54-186-85-70.b2c.com
api-54-202-241-254.b2c.com
api.b2c.com
api.rlcdn.com
assets.newsmaxwidget.com
assets.revcontent.com
beacon.sojern.com
bidder.criteo.com
c.mgid.com
cache.betweendigital.com
cdn.adnxs.com
cdn.mgid.com
cdn.plyr.io
cdn.revcontent.com
cdn.syndication.twimg.com
cdn2.customads.co
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cm.mgid.com
code.jquery.com
cpm.convergeselect.net
crcdn01.adnxs-simple.com
customads.co
eu.b2c.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
gum.criteo.com
hb.adpone.com
hcaptcha.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
images.newsmaxwidget.com
images.revcontent.com
imasdk.googleapis.com
img1.zergnet.com
img2.zergnet.com
jsc.mgid.com
kloperd.com
match.adsrvr.org
media.newsmaxwidget.com
media.revcontent.com
mug.criteo.com
newassets.hcaptcha.com
onetag-sys.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pbs.twimg.com
photos.brighteon.com
pix.pontiac.media
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
platform.twitter.com
player.aniview.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubads.g.doubleclick.net
px.adhigh.net
px.ads.linkedin.com
px.moatads.com
s-img.mgid.com
s0.2mdn.net
s3-eu-west-1.amazonaws.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
static-3.bitchute.com
static.criteo.net
static.newsmaxfeednetwork.com
static.xx.fbcdn.net
stats.g.doubleclick.net
support.brighteon.com
sync.bumlam.com
sync.mathtag.com
sync3.adsniper.ru
sync3.sniperlog.ru
syndication.twitter.com
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trends.newsmaxwidget.com
trends.revcontent.com
u.openx.net
v4-api-3-122-254-151.b2c.com
v4-api-3-71-7-237.b2c.com
video-ads.rubiconproject.com
video-native.mgid.com
video.brighteon.com
www.bitchute.com
www.brighteon.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.kitconet.com
www.naturalnews.com
www.sgtreport.com
www.tns-counter.ru
www.zergnet.com
x.bidswitch.net
x01.aidata.io
yeet.revcontent.com
z.moatads.com
zbbb278hfll091.bitchute.com
video-native.mgid.com
104.16.169.131
104.19.134.78
104.19.135.78
104.244.42.136
104.89.20.125
104.92.74.8
107.178.244.119
108.157.4.14
108.157.4.26
142.250.181.226
142.250.184.194
142.250.185.230
151.101.1.108
151.139.128.11
151.236.65.12
178.250.0.165
178.250.2.146
18.195.10.145
185.29.132.241
185.33.221.50
185.86.138.16
188.42.29.168
193.232.148.144
2.18.233.180
2.18.235.40
2.21.141.148
2001:4de0:ac18::1:a:3a
2001:6d0:4001::226
209.59.154.37
216.52.2.30
2600:9000:206f:6a00:1:93c2:a1c0:93a1
2600:9000:225a:f600:18:9413:7780:93a1
2602:803:c004:200::140
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:623
2606:4700:20::681a:723
2606:4700:20::ac43:44a1
2606:4700:20::ac43:49e4
2606:4700::6810:125e
2606:4700::6810:8746
2606:4700::6811:a64e
2606:4700::6811:e4f
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:2ab::2c79
2a02:6b8::90
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3601:21e5:efde:30c9:e168
2a06:98c1:3120::7
3.122.254.151
3.123.202.144
3.124.34.143
3.226.120.126
3.71.7.237
31.172.81.158
31.172.81.160
34.120.133.55
34.202.18.77
34.247.9.63
34.95.69.49
35.190.30.115
35.244.159.8
35.244.174.68
35.71.131.137
37.157.4.39
51.89.9.252
52.17.151.21
52.215.102.174
52.215.125.248
52.218.57.59
52.22.187.135
52.222.188.9
54.162.74.226
54.165.164.249
65.9.63.104
65.9.63.124
69.173.144.139
69.173.144.165
69.30.230.98
72.142.122.58
77.245.57.72
82.145.213.8
89.108.119.28
89.187.169.15
0036e0c31960141e4392118b4cad74eae78486db68ef87481da153a2dd1e5214
00db966a5af0d4f846f4b1cfee7d98d0adebefab46318f61f1bfe5e982416783
00ecdcfff547392fb20cd855901b74bb802be9622cb298730d94e22eb4eeae9c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0308193c927df3ebc7203ef913ef64ad285ddd7cc0883320a023facf7bf4df9d
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
0455a7341934193941b1d65f9022d986164d291a3be03863ae9faf3f502d3a20
06772904942aadb9c0872e5109e4711b29de8724f6f9f24c861a22d411f5a26d
06f9f7d2b3c29010ad76f4702530b62bd5d3477cc6e8f3d7eb2d692ce8fe7753
07ec0272972dcdb6e079ce032e15cc1f6de374d89b9fdb9cf9af5c2dd2c1070b
084a90aade0f3c17f3db2d46c6780a950444854df68901839ac4779a5254ba16
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
097dc43e7297a50b464d4ecca90ce3b316d3f83b08ffa3c15c7fd10e12626c67
0aca8f8f8c479c67708efe4b591c2d1dd665a6adcf5881edf5821c10ef3dd879
0af5f7393c2ed0e53c7552a31026edb6b5044e5d09411b983bf61b88abb985c8
0b41677dacefc3bab4c1c349cd753f343d3605b745acda9f0054a384a82f65f7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c590833c3efc6b446f99216bab1bf86915f31bc42f523819d3516d5af16d93f
0c5915dae897bf5ef98f46005c6083a2d3fef32bf710133eaadcd42c345a322d
0cb38e0f3fefc6c76c15f859e260e42d2051c9c6546410ff8d8f57b793b8b42e
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
0e538ecf20266125f832923a584a2a959f6ccb7a45958935fe62db14753799f5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f6fb7105c75800537e27126a413993054e97fd3b281a6199c994af24a67c75a
0fabd4eac35ba43560122627965b38a38a7ce54d9132995f87f346c733e04465
0fb911be31d77d8e291d544e896cb937f37188212f42f0d2c0d22ebd9c098303
0fd42fed19024e13c7ae7a34cded96eef27d6532fe8af4f07f45ba10ad795965
1065275418c8a6f65c4bf7d6404b7754154d0cda31e9219618d985e95f1bb8ec
106f488d10b1b8803b112b54b9689352dd017c267dc242c0ebb9e01f61fd961f
10d446c0dd836321e820d6964387fe587a587cb3e61ec1925c4c35b6a9348207
111acce7e0971a1760352091f173318ca13567d1f8fa27d14fa1dd86a91b487b
11ca59d830534fae59adb49eaf177ef88043998381e55079d5bcd9ee1e935f28
1390f94c88445a703f4d9023421bc6368f1265a8b53acad10c29e62b04c13b96
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14602de7ec18e2662be60f82fbdbc9561a4df72457aa3b690985be1f22987475
146915ab2ce19690cc1973c5e5518ada574f1f3b403838d2e146697a1aa706f6
14c28a2e512cbd84cc8bf6264a77ff38ce59c0964876e71e00c82124e367d03e
158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29
16b2649c0b15ae3b78dfc8873f5a5c3880127bcaade71078675581c9b72242af
1708fe250d9ec56e5e0603b95d5ce012d825b156968ec40057a5de7e1a535a2b
1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4
2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763
2248b3109cb5065af0fee773809b79e88ad3c03176c4edc5dee1ea76e3c69f79
233119494631d8322dbe9a6ddc6ea9487cb66c97a1c0c30011f41cb64f0525eb
234b79b1ef625568c31211f05bfa5f7c13207911dae348f7c4d60b5895ea1041
23949fe7ab795927f15fff019d990413cd90038407d83443e92a6c03ec589137
2461d4c603694783cd7fc7e05054986cd34cbf034752f73dcf1b045a9f1cd8ce
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
298026de987e738ac6cf8352d1b6de9726e5129be514f3d7a460d09ce57ed4a0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adc7f031840ffbd69bcb603c972f9bd95b83bbef7f3155b5b58e4b145dc209c
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2ccd75fd134ab20740d6a8fead47c1c3498bc26b16c1ae45460ba56d0a055bc8
2e799ee1f2f9d560736372c67b1a4c84ca1f8ea8249041182e781abfc2adce47
2e9281601fe408ae3b648c03691d998f3bab42f2b954a7ea14e616935b5a1b51
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
316c7a44152be4655683cd22b6abc5b1ec42c2f755fc06b6a3203209cdc12453
33bc78d49e3993b23f88b400358f82db81fbadb7f281958456284297965e2e3d
3464d676537a0f1d5d3861b61eca4b6887ccea3fa912a2537775ac194ca8cbf0
34fb284b7781db4c2b4082a25f24ed661df57882b125974e0f617dca6c5ead77
3555f2a64d8a6b1f4d9c4f821a31020b69b3f75a55546643f417cc40973a918f
35cc81d632df8ea89b12a5b96857fe61b5091baca46d8872ed6b2f1cf43c95c2
35f01bd430a96b626c6c2f06ec01cd6617242296bc8013d068313abe5a459d93
377426eefc5b0a48d3d23f3ffc1d40ef19d251e49d776a69978108fb0efefa49
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38d183a52b13dd2226c3cb476da379aad1de573c30478fa1b20c06c028444ab3
3a7e9d5385430607054d9ce11f05fe39d8f4feb55483ef04da6fe2b59615fcd7
3aa937023561df0f65b239e330e5d8df10ae385f463b9ff142c201ad456b2bc1
3af35c7c78920e43c1b1d3b01a0d8d817f6a5d6dcb8ec1eaa768ff920336b2c9
3afd488118b9019714ff52272552199e22e0aadc3b9a6f5ad7452fc40f8d8c19
3b97602fc2e8fab40bd4ccba0d95efed5d650e4bab455b98b6631970031dbbb3
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
3d622d612bf87f99b956718128a940daccde3b6e8a39609341cc7fc8dbea4db1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dae3d45394340306f805d6cd86fc1981c1a378308e37910f3f242157f0abb10
3eccfa9bba8a97eba67d764e11c6e85ed1804ce9412129178e06aeee57b87558
3f69d6b346d6dc4fad4bece058e8faa55348ef41733d82166d69d64f7a2d6e04
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe4fee4323cd665841cacb391f5e0683b018c44a7688f3d6ba9ba282bb11bc4
413e061e7e95644f4658890d0fd8db69ee1a763e02fb8309fc9434aa2c0b82cf
414a7272bd807f38f4747ff40cc18e65d3a04a69a2f78dd15c09fe34e3b14a87
42c0804f0dca18afce9bb13b11f86508b762d4ace2737109ddd656f0f10d6609
42f6e692496470287d379174c331cebaa822f4369de66c4bbc9b7657b951b9ef
43b260a9be964981c17ba44610a39faa6c4cc47fa1dbd66a28bd3c4adae97374
43cad54fa49cd302457202e6a49424c81b83f5dd42b90d2a3fd011ee4cbc7e09
43e9002f10179a6d252b086d31250a439f7ffb45d1eb6cd3509d2488fa6a3340
441190ba2b13013b7493f024e780f07c29817bbc83f6b81d507c406605718711
44b7c82b38e5251217b47b779209d810b9ed85d767bb66ba596a50134b13cab2
44e0a88582d67790424d5e04b1752bc37a9296179eaf14caf302e02844629cc0
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
456033ad65125f7d688bc3dd3dfb2fc7c55d51b2cede0fd2fca1e87643da6e8e
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4641a0b17c898a4e06c8b2174cd6b29533883f13190b2c8e22a9520a7fc3ed02
46617a911a33e19a65d77579de3380778907bd842374c5c86a7feb67f737dd7c
46a118de874144310325ff23f13195e5c064d59628b63667b3bce152ba338232
46b8c54b65b5fd3bbe9242cee35773736c5997c027128c7b852df478c6398b4b
46fa3c738f077fed701f4ce44ebc0bed4066a8ec40a2a2f9396bbedfb9992c5a
47231f968a1a1bb001211d6740be108b3c1c21f16b11dfc9ecb08d8d124f132c
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
486b9e60d87048c7a296b8da51240473865128081e3d698cb96aaa03467b2559
48d0d814eb294d1fb2564d3f31eeaeee5c3472518c66282852198fac55176a26
49468e194f1bbf67036d4379e428619e592bf6ded18ff17cb5fe423e91dabe5c
4969e0e92bac024f3580ab342d54559d8a1f5358cdbd62a6ba9d369be9320795
4b1c7c573797b5216fd472808ff7be94a01a720143b01b22c702966c09e8a925
4b69d4d881a25112a646c64a9393cd9b0fa7542450be9fe3c3c767621ee2aac0
4bb492c8ded6d8484f7244eacb7758441d16213c3606ad54df5f082df5596ce4
4ceb80da67293697244c88889b475d2871f8fccdffc2a0cc4c48c2c8710df878
4cf36f22646bf17d023b25e6816bc087a7c255ace343d9fab472ca2cd744dca5
4ebf6318650a0a5df364cf9e5c6e0add06ffdb7890f0eb45f0f61d44d4fb96df
4f0c8988f237d3f04725d272730489e6447349663a84b939673af3c89cafa5b9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
508c99d8a2ae5cdd1fcc0eb801db1a6bf0fc74ed45afcc4c41b83ccbab05414d
50eeef5ff2a14eb9e3a2b73c71fb979b305bde79c0188a7c2eda91cfd460c4d5
50fe5b3cb60fc41a4bc41517e7886d035a25e0929870cb439d99479528175279
510684c77031cc7dc17c50127e886adeb71748c0c25e17174de1eee9b838650e
52b6d074fec42a52a904f5ba64a8121d4539b98665a79bfe1703f3d377708170
52c29db24b0d81253a2f8e93a9ac0a521692adde0201d25dc284de79a415f39a
53e9c55fe5f41157dbad4bbe10102027c3ffefac20698f2acdc9bdb554aaed59
54854c7f9b5e9798209726ee090515056d053f86b07584995b223198651517db
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fe3cf727aca81cbcc9762c92df79fe134b6e948455339fa6b7b47057579a14
550e56d3d1dda39b665b2d9f5f5a0baf52e4a0d6fddd58df93f9e4bb3bd57a90
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566ee6e2492e7fcfa4d4ab6075d32a3e6326ce1ddda600b5a8b5f94e0a400009
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5721f71b8b6e2d1c931c7d168ce59e11b4014b200be4ddb637005da34ba2a672
57aef09cd8a6db322a80da532cc48fcde6e2abc68c87eb2442ce85658e342843
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
58c4b1d1f89184afd8aba7e54541a3c2735ed87d851f08722b5549a646d70229
5967a4277a3b78266dba7a7612b82873d49a66ddaef6ce8d6b970376a23c7db3
59fb42059c332f713c4f4d6a7fc014f5bab191a04340829999debba0b92f81a7
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ab238b6d490e3bca2b20e3f326c87595491a253fe41de7dd2613b76bedba9e3
5b132f264eb2085089de42efb8195060d66a227e23b4fa6c36cbed97fddd7db3
5b486f3c72db3452ab4a0349f9e75f463b919de822765d06652f92c628b6aae1
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57
5c5ceebed69a08c15302950fc5072f1cf037c25b762fc149b9d79e28aafb64a8
5c5fc410302a7a12d002eaf4eccd0f449d14d2762b285e40bd77aeb9284ca200
5d5842dc9639afb56fbbdf76a73c3432dc52d10687d807cbe25ddcd49e7a251c
5e0d168b94a8319d5ed646253def036e4d7c9e3e9d7b763aa40a99404db715d4
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5ebba2aa264a8955c10917e114f68f4319817af984fe5c43b666de172127ef61
5f4da0b5cd0dde363870c748b00293b13ff4ccc98032378be85794c4776656e2
5fdc9046257aaaa253a551ef9fda09596eb7672d885281c8b6b1db6c593b08aa
60b21fd316eb51808b1c69007b561f221c69326645de4602ab47910c3a3a9ffe
60dde6e44e673ee690a68103f5470d5880ce4aa9f14942670c60e411b93710f1
61391cb434a0c17cc9472e168f84513b4917a04abdf6074856902d944a6596c3
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0
620323d09760e4de4c64a4b9bc8ac246fba0bd7d1c9e268427eedb36d020b6cd
621e239041447ad520be8f91bf01c61e630b2c70df70dd941f901d4d9e7cdd11
6326817dbafa26aefecafd4a003fc986ba8df85126977b88074d387ffcc311a3
63f9cfdc969fcfa0ba6f76de8cc24f3872b1c039b3bb284612242954d7d50f26
64d77f716023e0e9d43e7709e3d47a3031685209da1f096474e2a2d525e22012
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65d70424eb7b0fe1d3fefe328ee059a245e27b6c3529f3e06d55e5cdb6c0e6b1
665b34c904346580dba60514040ae85cfd3e6ba1438e403092ace2c55364bfac
66858a18f40bc94d285007156809f27a286d2d3c001f1050d62eff2185968709
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67c7acccc327eddde8188b1302a44e4c30e7e1aad4f0d6ecf6e2b70e3dc75c26
68814226308e00c710140755047d487d81f70919819df2726ed98ad5c3f45bdc
693ca9f6b483ca2d55117ffa494fb0058219304dc378001bd709c65613becc86
6a94960b0f0b9d0d23ae0f3f65e790038e0ffdbf793b4e2a70cdb32778ff7a24
6b7e98cf5f866a86d87e062837ae5da65507c067fcc91b2837694a516ab49e08
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d49a1a2d0769bb5886f41e8805e5ade0a4ce1cfefc35cf20b11de3d894d0737
6df038dcadabf7075ffc119c6812156102623f20cfa198463334b439201ea148
6e6d776ffaafc0bb1e45286865f3c75d3a01aadfb52e3c107a88437c2bf79fd3
6f28abcd2129d930ddb14a78909db6d1f0652be1bb09b672cd46337abb2b1327
6f2bbaae1b76aca3c0c61df2740f894c224e7666a37fe3c9f8ec8f2530f9bc93
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71a904ba726ae38a8aa08425bae824e9850452b5c41a182bdc526a139ba3a9bc
723f2e6d2e63263fa6501a3049be9775cd3b60753488b28f058d670d1ff51a61
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7329790be2ad149424162c688951c9be2a3145b35c11bd07096fddef5af13eab
73c880a4f8aa88252c1221c01f81396cda7d05b3f213881fabb6844e49bf4585
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74bf5b74b903df718ede56a081265eabf0878d8352f59914c39ab4c127125a45
74f54cc2378c85fd78d208e6eea39ec2fd520a1365ee8e22415abb0120998f44
75d5479dc42d3ccd5bfc4d3575af65518d8aaa9c64671c7efae2dae2bcd033fb
7619f952cb2c6d6a25ee105205abcc61014595c080774bd02f134a1324acae2f
763db9195ac49fa3f6694511e42fce415a9922e570ce067f3dd79ce3a2b8b2d4
7724660684cf13ca7761b57a4b33a2dd88a7f70fe64cd3b1c4574069ab3aeec2
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79e9a04018da79876b60fdd8c748122ff327b62f2f969279f4a5c5429e77c430
7a1f7eef1aa1d1ed84333888c9a32d550db4f6baf7dad9ef4428b96828f4392d
7abd14c439fd5919802db92caecce1aaeaeefca6a247ec83a2065dd23b3559b9
7b3e9d07be4e2e798382f9f38131e602b8b8a095cca88db5a1421b971b672cb0
7c1e8eb9fca06245ec5e8b484959c806baed43e99684852f7f49f5c12c82b24c
7cd54757f6878501624365ad73604e7a494fbf41fd4435521711364a7d0ccf37
7e2125ef84000f0aeee5d9dc666315e264536935c985f86904674ad3eced30a9
7e5d0fc7b9e22b1103c6f495d34a0c78dbed3b538fe64dbb0d2858b5ac2ea82b
7e7e4510dcb38f09724ca8f83149e86380a49547ce1cac436dbc42c5084d3adb
7ec4ea7227f6d342794724b0653ea10d95bc9ada152ea17f7bb384115c98c50f
7feaa922b06b085762fb09e07c97c72e2f9c7525f03b2278ecd4e27f97a1b27c
80f70efe7ce3c13841f8c8cee03e5d1efdac871633aa7e4be4b18bc9a55b9348
8127f77395ea22632cc347769b2039e986290e61e60be6d6646c287b3f948a32
81d611736a5872efc03207914dbbfbe8b1ad6e278086c6ee87c473adddcadf75
81da8bc9eee57e76526bda924969b791cacd7cc90454f7f34eede67e5e9dbe67
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8217760c35984f22fb76585e9e333422f76d240b13468ea1be525a3ae773117b
8218cb4587f447ef2d993abcc24788984b7ed680bd78cf24ca28c10ffae7adb7
822e2805bc659f7831dacca84ce653e94dfa471f11d65213b9a997dffe1dbd4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834f8bbe14ef3ba46b460a53b69b49b8c787808b8eac72312fb060940a76b1b5
84d52a6ea786ff9e126ab92ed7da47b2d5c4d2e95e2f223e3cf92c6d4d987909
866b3facb1d4b1acfc4fecf2ba23692d0ff94367d44b674b715584d24871d532
86dd4bfbc12652e2d8490e072974c8eba755d51c3a1d02a0859ea19917ae5a85
87906eff8c7c4e5a552e9a2c88d43ed14629b23bf9f1142e61b214b555471d07
8823f78f0f4f7e811642bc188995b46873df218d1c9a94160d0e3e4fb3ea4413
887a1c8810cb27fcdeabcdd8ff62ff6ead01a9417efa3fc6303b7335ad726684
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
896142ffb555b392a8b146e37123f08a18e72b880b82a199dc9a13b0ee7260e6
898ea1bd2cc0ab186ab61dd29920e2498ca87aab8ea592227c5030308a86aeb7
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b8fd42428fc23cb3e05286969a166064c0d301ff369b598dbb456abf969f679
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d470c02b2e1a364053b46a69ea8d7bc4f32a38118f3af3149a8ffa10acc1ab5
8e00a3274f9fce58df20ab0086464951c0b6637073d01d9ff3c84eda73250a4f
8f2060e4629f0aa3e85465c0c40290f629ca32ef387bfd88bd1182a8db105ee3
8f90aeb95b1d3ed85741aa83d086e4503d7c5103c0bdf4f0d767e6898126dff1
90494772a11146cc5080291747836c8e85dc1309a8bca8a720c300bcd830c537
90549dfdaf9611ef8a2b6b8ca913bf99e64116c43fe18f719e7440f802bed218
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
912af7e842e9a8a222728745f8c528bba061a8dd877e29207f7ef2cdbecfe8a8
912eea84c7a87449e0bc05a4d7de9e83aac26bc6d0aa7135bda08cb76d47909e
9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a
92297939e3b427883fc31224fad7c981ad78e760c7e937e0be2bbe8a2f22a603
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
930fbba31d879eda5d12387c6b71161141dd7bc4cb00be5cef84661df672e3f7
931f4a8813177213437222e40764c496035212c31f61381c8c4c63d34f29a254
932e9a0030a21226f1fdf3a30c2555954981a03e1b79ad7931067b59618d809d
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96c05dd253769b774ba6b472977a80a56bae04872a1d58f8d6081c5806949a7c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9949a49a6e8350d6c83ae4d1d53950e71225c7da27bebe1d92c74949a9868ee8
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9aae70129991aa071284777e8bd60464304f703ba69427984f8093720b253e65
9c5cf152044e0ac9c8e4d6e31c8c7abc74741c90d677a5c1b2fbade70360496a
9cf1b7efc40a26542b0709391af5fef2b01f487975f3e70385d566295d671231
9cf3ad91d41df05e80cd1614c9f9413858d859e40ce491d329efa111efbae06c
9e245db4f1b98091b9f8fd81672391454d32a734f44880757ef822bd80ab6647
9f539aee18fca6282981ad86e09c635f31791854bfaa1bb142bd4ebfa63ffb49
a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8
a13428b61427d37c7f4d2f1d4386a54d2a0ec0abaa9b3fba496a0da819e076d2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2df222243ebd1769b7b2abe86e6c652300a49ee2ee4b86d303cff98d6662214
a31d27f5ef1a9a41ce9770bf32a8b37308b3535b429eb1783e03f5a2e3b8e1b5
a31dca2f7dbfdca4fe37111b3d36a24e1d365b5ec80ffbf934ad748b9904be7d
a39599694b720f1d903d043ef5096968fdb835a789a0d72d70f20d106f514fb5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a6120ea6f21c39cc7ff9e6695e169403a888bd0baa0542ce005bd3682a2ace95
a6ed81333c60dc92383080cee7cbac3a06bc6fed9e1a298b4822c6bed4684ff0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8330e9ffee2fc5c6316a3d51b0926bdb168ffbba04638c3709c9240d7eab5bc
a96a4b7d17df7dda63bd2d17a77887cebe8c2948126ed3bb2f10a1e10277066f
a9ea5cba1ae443941551362461f960ab8e40b4f1efee364f6d3140a2a7463946
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2a56be8f3774a4277a3f26c4c225923bc553f3c30a781099d7be32fe898ea9
aa8409101023675fae13b8d05b4732ee33506b96c08b6813e31b1ce8703655bb
ab6fc86dae4738e21d6959ac06fce52b7a38061a8ee36d877b03668489338962
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad94f954cf93d38009e614cf9bc41b91fff4cbd642e049e0cde7c96bd5a1589b
ae1355341daa923bf2f84a58dbea51cfe3fba998366225d91e0135ebf011c4ad
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af89e267a01f003967255daf1f5a1d5fdfdf3fb930470e1b4815e221404e1542
afbafa8fee72259ea4fb6c17c0b6ea450872361db3d7fb86b7fbf479d39a2606
b06146f77a690e13319eb29435f10b5d6750fd7c70ed8ca077e4a89ebfea6968
b0695dc05fc1251444c66cd42590ac99a996a9ad2c20dc3124f97e345e3c91ec
b10c5dda2b12cc7f4a013a85b7ac0d166136881944fa80482824d633778d1d6b
b13433c98ad2529a4d896cb06068a9deaeadff451fc7e911bc7f6cdc1a3613af
b17e3e8a4f0c89f19ebb33507b914795f9552f48675cf8ff47ffe189acbc8206
b21b9ab086adcdbaa79d95c7a5f738f5297253101070b8ef681ca17b97a8d045
b3925897ba0d8343ca13c8eba8e415051bde0e4e694c4f0630f931dde7ebff97
b420750157155826f2ef022f425579bca244f39d0a91ece03c5b3cbae5e52334
b595425f7e19ec77512e7203156f0c1d0be7fe9c69ac5d361ec53454814aebe2
b59580d2c063af9575bf5cf04ec1fd8356a7fd7d496502a273b234ac56cda1df
b5e98bfa3f03e5a1573f5f14e47d47af248ac5adc3abf2724e2bddf972d14c09
b68e2fbba84e3b9255504ab792a243b7610a44af7c8eb72625d06cf888de3138
b6ad4c8233b3e77de3a69602c5768be48ab679691e699cdb7f2dbe04f00c40c7
b815a2c451b60329fafaf475f73f17e239e5623814ce8e54b7baf308945ec477
b90c7348339625f0fd1cbf7dee8a8ba9ad9bacde44c4e4a36cada2e5aaf677c7
b910b92a2bd2428007cf9958968c7a373cb0c4e756896ab6597f7749ca013611
b967814a2d7a9df60a14c51834e77e18668ee8fa94bb0d6e5fd0ee96448780a0
b9f979f8b70bfa772e77f5cfe93602ff0de2aac381f8cdc2941e2f1609e4660c
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc0c4af3d6b8125b7da52037f168c2e8850455784e22cd4bb610b53edd79d8c7
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
bcced6b6e339342e818f82c21b6b6c8ea8fcce9b944588031a2475882ddd7c4e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be1092d22a99ff35e266d2518b015ccc0f91f758612d62a9d3723a59b43e42a0
bf2bc83e4340a8be502f3fbcc1ffff593578f9f56e7df819d5f05a90d2e146c1
c0290d34b03471afa22fbc0479922c683b7bf407a08bf959da491e33737b386a
c046dbae11e24af96e2b9474b73d66d939f4797d56f0fe047b6b0b3373d9d273
c0513e0c918ca247044494df94fbdc8acbc782bf4d5256b935b7c72ae576131a
c08ecc6cd26974a044a07ec2417c53ae15548d8ae91b73f335719cb6acd02b47
c1d8e0a54826d79c4abe69a0e3ed4b3001a6f3de8d05c771516ea63d60347764
c2436a5ae402fe5a0148a672a0e8737499d14a15007ce6a82fce1f9cefd5e8d7
c3291977e0065193f0b811f415be25fa0e6deb5779795cf66fea34b60d225261
c3b3421fd8dfd17d1a25e0b129c178432707d25382268c0915cbe6987b60b50c
c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab
c5da7e29ceb3dcac7a1fcf404a1365f3432c15eff06b5cb59913f62797faea66
c6669243c5eca0c1b6f5d311415448c6a915434f93a4e3eb18abc7e27876cea2
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7961c16762a0299d27bdbdd04e1dcf0059d199fb73f7425275bb448469f271c
c7ac0796360a1429b20a753964ed8bd378f033322e991399648c81c291f697f2
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ca5b16eb38b7c0358eff0451f1be8fa7d8999228ba0eee22c10af7b706023473
ca6806f5631d0ca1cbd8c039ee41a5a10cf12daab028592d37f77f1addfca797
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd854c7a5cc71ac815b0e2769453993ec573c66369a5ca0daa199c834ecd529e
cf1fab072696cbe789d32a08c47b2860fd6b7109d48fa984fbfd8cc482e386f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1810795e881041a40afa930e057c8c3e2245bc4ff874454b74a0acad9f8fa57
d1fed1a57148369d611cc9232ea9c61c5a06a998c3f438c4e6009cf0fbba6a95
d2ce58443389bd9484465a18da856caf54f247854d2ba75e733de5bdc2aece42
d2ebcb123b52beb96aed11e884ceba7f59f0fdfab3d2e9e5a7d8b5b55c827407
d51843c602af2f44b7cc86aac67308f216eb8a6591bc44e5a9b1d46617518428
d5219f1eb6dfa189dcaca9cd7fe84ba81e6b60303d61b0a231b7a982b37f2839
d5444cd7071930c438b16ad5b9b000e89459ef0a0b6b189fe49aee4d62e4da34
d6c1006c343168ba2a5b3ebe368b490e7fd9158265a264bcfb41f272a8b32b9e
d6e10bb7a283d08cfe768b2e2c84137092526009359bc23bcae4af7a1792a29c
d88648a89955424c83cc98abf0040158f313e011e295e423c4e12e44faa65ebf
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcc66a5c6697d4a9b9b605a719348b885dbd019cd963ce65be655de660f82e83
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5ff22f209f83faf5c926cea38d0ea06af6bd1d01d44d90b7f8834161f0d8c5
ddc157a31bdb1da20d944525c69d156e9736f389ebb2ad98a272e1d8a124dfe5
ddeebd0182b9e9e1487c40d43c942972f8f7c30eb1e9f6d9591f42bf4dc16a5a
ded53c7867f03c1b9f6f5ef2adaf5f41bd0aa99d1a8a4592a22b5a95b084d7d0
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e014b0de4181588c8b41d9365279b9595c075f1867bc6d0fdd3df1e5b0c450c4
e0930fda0f03717f2758dc4463f9860713d28b2aaac38b2d6a2adaa7b96f410e
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e27d219b95a3a8fd9b1c99b1590be776c939057445e8260742e38e77b9ab5912
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49a1fe195bafdcc12314311af0a01b2b1e27fc974ebac7103c211554ae0ca4a
e4bbf235cac8231ef771241f08c87b6cf7aa80dbba70020576fb25936701b0b4
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842
e6dcc6072189207134891ac28b07080289216f14d95f3b82141401a7a94eba84
e9ac5a278088cf100f06a1b2e0f5b930b0b1066b37766b0c5edf54663b971ae9
ea5d33b2116aaeb744b91486635b1b946eca7886c17d74e235195d4b8a1196ca
ec4483b5c07abde8246a41eec51ee0b3f9b97eb1fe1c90f985939b373a5a4cbf
ec48adc0eb52a39b29e72352928e5b96942815fb441b13cf146fd22449b0a657
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ed9c578b58dfc0a88b5f89ad3de8593d8987e798aace7327ef4fe48323c87692
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f078ca043e6e18d550b942649e2c0c34d8edd86f8f10e4cf65ab1cfd82a39edb
f1a46c2c348837a1ef9aa529e4b08d1f450b00b031c1aa8ee83f4963a16879b5
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b
f2fff0a054ce94a399b4b74e78a4ae6e4cefcea8f354989bf95e149b93511382
f39a0024355aab96f772c523a58f5ebd880e9753f3deb7ebf6cdc2e92bec6162
f3f190da7120996ee84acce8094248dfcfd785fb7ef0fd198c457ab66d27d00f
f3fe13c8f53e03e8ddc6314235807b011f97c644d91c4449fa68120fe40f8893
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f48bfe77cae2201fc0f8ff69acaf72e6aa5b49d8fe563c1c5e8162b9c36305a6
f4f970d206bf853232f1975e465bc8b8b703dff10aa8f861b24117ae312d5b9a
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f5ba67bc6135ffeb90987a952eeae79444c0c5f7e599b25503a28809e66eb57f
f8c1dbb55b1f0f730a4950d4591925ea2205de0e2a1ad559fa8f26dcd81f34dc
f9ec8e7e20fb292cd502fb44092748f0071f378427e522f0e53144f140d62903
fa37a22c225adf0d473e2280b8462477aa3347ea58b3f24c4039d72ed188198a
fda3d01c7767b50924adea49b13db6cc586e17d80bb261bdd5fea63f514d6a3a
fdcb43edde19e9c27b72b5cd1cd912e10e313b7fff62fc4cd609c48ba3b4ef23
fe8e10da1217dbd6c18bc799f4dfddd3be179dde833dd6443dc24c4e4eb58413
ff4d148696c147127068097fd7756adc8a0283d670a94d87c6941f212fa415d8

www.sgtreport.com Open in urlscan Pro 209.59.154.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

829 Requests

95 %HTTPS

39 %IPv6

68 Domains

129 Subdomains

97 IPs

13 Countries

27272 kBTransfer

50177 kBSize

53 Cookies

75 Outgoing links

Redirected requests

829 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sgtreport.com Open in urlscan Pro
209.59.154.37 Public Scan

Screenshot
Live screenshot

Full Image

829
Requests

95 %
HTTPS

39 %
IPv6

68
Domains

129
Subdomains

97
IPs

13
Countries

27272 kB
Transfer

50177 kB
Size

53
Cookies

829 HTTP transactions
12 data transactions