urlscan.io logo urlscan.io
SecurityTrails logo

thetruedefender.com Open in urlscan Pro
2606:4700:20::ac43:4551  Public Scan

Go To Rescan Add Verdict Report
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Submission: On January 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 131 IPs in 11 countries across 105 domains to perform 484 HTTP transactions. The main IP is 2606:4700:20::ac43:4551, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com. The Cisco Umbrella rank of the primary domain is 608279.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 5th 2021. Valid for: a year.
This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 2606:4700:20:... 13335 (CLOUDFLAR...)
15 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
14 192.0.77.37 2635 (AUTOMATTIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 39 104.19.136.78 13335 (CLOUDFLAR...)
19 2606:2800:234... 15133 (EDGECAST)
2 2600:9000:205... 16509 (AMAZON-02)
1 99.86.3.24 16509 (AMAZON-02)
4 192.0.76.3 2635 (AUTOMATTIC)
1 2600:9000:214... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 52.72.173.84 14618 (AMAZON-AES)
2 34.120.247.19 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 3.210.11.204 14618 (AMAZON-AES)
13 34.203.184.171 14618 (AMAZON-AES)
1 2600:9000:205... 16509 (AMAZON-02)
5 184.30.24.198 16625 (AKAMAI-AS)
2 151.101.193.194 54113 (FASTLY)
1 65.9.61.80 16509 (AMAZON-02)
5 104.154.142.214 15169 (GOOGLE)
1 99.86.3.46 16509 (AMAZON-02)
1 143.204.215.41 16509 (AMAZON-02)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
3 104.244.42.72 13414 (TWITTER)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 147.75.61.140 54825 (PACKET)
1 3 5.178.65.246 50673 (SERVERIUS-AS)
6 192.96.200.41 30633 (LEASEWEB-...)
5 185.64.189.112 62713 (AS-PUBMATIC)
6 34.149.20.76 15169 (GOOGLE)
3 8 37.252.172.36 29990 (ASN-APPNEX)
2 4 63.251.86.51 10913 (INTERNAP-BLK)
13 213.19.147.42 3356 (LEVEL3)
1 178.162.133.150 60781 (LEASEWEB-...)
5 51.89.9.254 16276 (OVH)
1 18.196.230.57 16509 (AMAZON-02)
1 192.0.78.23 2635 (AUTOMATTIC)
1 20.40.202.0 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:134... 15133 (EDGECAST)
3 2606:2800:134... 15133 (EDGECAST)
10 142.250.184.194 15169 (GOOGLE)
1 2a03:90c0:41:... 199524 (GCORE)
7 2606:2800:233... 15133 (EDGECAST)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.101.194.132 54113 (FASTLY)
5 100.25.32.111 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
8 34.196.151.221 14618 (AMAZON-AES)
7 45.133.44.3 7018 (ATT-INTER...)
11 2.16.186.146 20940 (AKAMAI-ASN1)
1 52.73.58.55 14618 (AMAZON-AES)
7 2a0c:5c81:514... 55081 (24SHELLS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 135.125.163.79 16276 (OVH)
1 2 185.83.70.67 55081 (24SHELLS)
1 96.46.186.57 7979 (SERVERS-COM)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 5.178.65.245 50673 (SERVERIUS-AS)
2 51.89.20.86 16276 (OVH)
1 52.30.14.23 16509 (AMAZON-02)
1 4 52.223.40.198 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 17 184.30.24.241 16625 (AKAMAI-AS)
3 11 23.37.42.132 16625 (AKAMAI-AS)
1 63.251.114.182 29791 (VOXEL-DOT...)
2 104.36.113.23 62713 (AS-PUBMATIC)
5 18.197.18.139 16509 (AMAZON-02)
5 9 142.250.186.130 15169 (GOOGLE)
2 4 209.54.180.3 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 18.156.0.31 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
1 1 198.8.71.128 54312 (ROCKETFUEL)
1 52.200.158.235 14618 (AMAZON-AES)
2 69.173.151.100 26667 (RUBICONPR...)
4 8 69.173.144.138 26667 (RUBICONPR...)
4 4 185.29.134.244 30419 (MEDIAMATH...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
4 5 151.101.2.49 54113 (FASTLY)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 67.202.105.21 32748 (STEADFAST)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 184.30.24.185 16625 (AKAMAI-AS)
1 193.122.174.27 31898 (ORACLE-BM...)
1 1 8.2.111.137 46636 (NATCOWEB)
3 3 18.156.181.30 16509 (AMAZON-02)
1 1 204.62.13.72 46636 (NATCOWEB)
1 99.86.3.99 16509 (AMAZON-02)
1 1 66.155.71.25 13768 (COGECO-PEER1)
3 46.249.52.249 50673 (SERVERIUS-AS)
1 35.186.253.211 15169 (GOOGLE)
2 5 18.215.193.43 14618 (AMAZON-AES)
2 5.178.65.252 50673 (SERVERIUS-AS)
1 3 168.119.79.223 24940 (HETZNER-AS)
1 205.234.175.175 23352 (SERVERCEN...)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 37.252.172.123 29990 (ASN-APPNEX)
1 52.51.91.44 16509 (AMAZON-02)
2 2 51.178.20.140 16276 (OVH)
1 2 54.174.249.39 14618 (AMAZON-AES)
1 162.210.196.208 30633 (LEASEWEB-...)
1 143.204.215.96 16509 (AMAZON-02)
1 1 2620:112:f006... 6336 (TURN-US-ASN)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 169.50.137.184 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 54.236.184.123 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 3.228.133.61 14618 (AMAZON-AES)
1 69.173.144.165 26667 (RUBICONPR...)
3 4 35.227.248.159 15169 (GOOGLE)
2 3 37.157.2.237 198622 (ADFORM)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 54.194.244.117 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.102 24961 (MYLOC-AS ...)
2 5 63.35.242.195 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.135.59.14 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
3 54.211.161.228 14618 (AMAZON-AES)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 3.216.55.148 14618 (AMAZON-AES)
1 2 52.94.222.140 16509 (AMAZON-02)
2 104.111.215.191 16625 (AKAMAI-AS)
1 1 52.214.105.43 16509 (AMAZON-02)
1 65.9.61.50 16509 (AMAZON-02)
1 51.158.28.82 12876 (Online SAS)
2 3.121.27.153 ()
484 131
34    2606:4700:20::ac43:4551 (United States)

ASN13335 (CLOUDFLARENET, US)
thetruedefender.com
15    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i1.wp.com
i2.wp.com
i0.wp.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2606:4700:10::6816:38ae (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
3    2600:9000:206f:fe00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
auth.instiengage.com
1    2600:9000:206f:9e00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2600:9000:206f:6c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
5    2606:4700::6810:4da5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
39    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
19    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2600:9000:2057:9400:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
1    99.86.3.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-24.fra6.r.cloudfront.net
clientcdn.pushengage.com
4    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2600:9000:214f:e800:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    2600:9000:206f:9a00:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
9    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.72.173.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-173-84.compute-1.amazonaws.com
geoip.instiengage.com
2    34.120.247.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.247.120.34.bc.googleusercontent.com
telemetries.jeeng.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
3    3.210.11.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-11-204.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
13    34.203.184.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-184-171.compute-1.amazonaws.com
b2c.insticator.com
dashboard.insticator.com
1    2600:9000:2057:8c00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
5    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    65.9.61.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-80.fra56.r.cloudfront.net
get.s-onetag.com
5    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    99.86.3.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-46.fra6.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-41.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
9    2606:4700:10::6816:b7 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
2    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
6    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
8    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
13    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
tag.targeting.unrulymedia.com
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
5    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    192.0.78.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
4    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
3    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
10    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
7    2606:2800:233:1ab3:789:1032:20e3:21 (United States)

ASN15133 (EDGECAST, US)
video.twimg.com
2    2606:4700:3032::ac43:c67b (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
1    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
5    100.25.32.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-32-111.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:12d:495::2c79 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
8    34.196.151.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-151-221.compute-1.amazonaws.com
atrack.avplayer.com
track1.aniview.com
7    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
p.midserved.com
11    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
mcd.ex.co
1    52.73.58.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-58-55.compute-1.amazonaws.com
premiumsrv.aniview.com
7    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
rtb.adxpremium.services
2    185.83.70.67 (London, United Kingdom)

ASN55081 (24SHELLS, US)
research.adtelligent.com
1    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    5.178.65.245 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
2    51.89.20.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p18.id5-sync.com
id5-sync.com
1    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
17    184.30.24.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
11    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    63.251.114.182 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    18.197.18.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-18-139.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
9    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    198.8.71.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    52.200.158.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-158-235.compute-1.amazonaws.com
sync.aniview.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2a05:d018:d29:3601:6c4f:4351:131b:c252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    184.30.24.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-185.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.2.111.137 (United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    18.156.181.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-181-30.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
1    99.86.3.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-99.fra6.r.cloudfront.net
ats.rlcdn.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
3    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    18.215.193.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-193-43.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.252 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
1    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
16    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    52.51.91.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-91-44.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
2    54.174.249.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com
um2.eqads.com
1    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    143.204.215.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-96.fra53.r.cloudfront.net
geo.privacymanager.io
1    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    54.236.184.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-184-123.compute-1.amazonaws.com
sync.extend.tv
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    3.228.133.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:c5b2:6467:3d71:6a2f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    54.194.244.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-244-117.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.102 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
5    63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.135.59.14 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-59-14.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    54.211.161.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-161-228.compute-1.amazonaws.com
beacon.krxd.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    3.216.55.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-55-148.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.214.105.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-105-43.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    65.9.61.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-50.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu
js.cookieless-data.com
2    3.121.27.153 (None, )

ASN- ()
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
40 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7373
c.mgid.com — Cisco Umbrella Rank: 5668
cdn.mgid.com — Cisco Umbrella Rank: 9908
servicer.mgid.com — Cisco Umbrella Rank: 7619
s-img.mgid.com — Cisco Umbrella Rank: 6584
video-native.mgid.com — Cisco Umbrella Rank: 26854
cm.mgid.com — Cisco Umbrella Rank: 1572
661 KB
34 thetruedefender.com
thetruedefender.com — Cisco Umbrella Rank: 608279
457 KB
33 wp.com
i1.wp.com — Cisco Umbrella Rank: 5313
c0.wp.com — Cisco Umbrella Rank: 7323
stats.wp.com — Cisco Umbrella Rank: 2822
i2.wp.com — Cisco Umbrella Rank: 5086
pixel.wp.com — Cisco Umbrella Rank: 2494
i0.wp.com — Cisco Umbrella Rank: 3215
2 MB
28 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2741
47 KB
23 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
215 KB
22 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 592
syndication.twitter.com — Cisco Umbrella Rank: 844
639 KB
17 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
23 KB
17 ex.co
player.ex.co — Cisco Umbrella Rank: 10546
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8539
mcd.ex.co — Cisco Umbrella Rank: 10432
1 MB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
5 KB
16 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 21086
b2c.insticator.com — Cisco Umbrella Rank: 17129
event.insticator.com — Cisco Umbrella Rank: 16336
dashboard.insticator.com — Cisco Umbrella Rank: 345395 Failed
80 KB
14 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5710
ghb.adtelligent.com — Cisco Umbrella Rank: 5988
research.adtelligent.com — Cisco Umbrella Rank: 675693
156 KB
12 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 595
85 KB
11 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1493
pbs.twimg.com — Cisco Umbrella Rank: 668
video.twimg.com — Cisco Umbrella Rank: 1459
561 KB
10 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2244
track1.aniview.com — Cisco Umbrella Rank: 2186
premiumsrv.aniview.com — Cisco Umbrella Rank: 11372
sync.aniview.com — Cisco Umbrella Rank: 2703
200 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
acdn.adnxs.com — Cisco Umbrella Rank: 565
secure.adnxs.com — Cisco Umbrella Rank: 404
23 KB
10 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3752
pbjs.e-planning.net — Cisco Umbrella Rank: 7058
sync.e-planning.net — Cisco Umbrella Rank: 5261
u-ams02.e-planning.net — Cisco Umbrella Rank: 59486
s.e-planning.net — Cisco Umbrella Rank: 6371
i.e-planning.net — Cisco Umbrella Rank: 6375
5 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
1 MB
9 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
ssc-cms.33across.com — Cisco Umbrella Rank: 877
1 KB
9 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 15093
2 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
138 KB
8 unrulymedia.com
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8400
3 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
3 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
89 KB
7 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1894
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
sync.crwdcntrl.net
15 KB
7 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 14043
sync.aralego.com — Cisco Umbrella Rank: 2178
2 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565
4 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3719
5 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
pixel.mathtag.com — Cisco Umbrella Rank: 1240
3 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
ads.yahoo.com — Cisco Umbrella Rank: 913
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1023
3 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
3 KB
5 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
875 B
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
2 KB
5 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 9858
6 KB
5 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 6292
142 KB
4 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
usermatch.krxd.net — Cisco Umbrella Rank: 1214
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
2 KB
4 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 23472
geoip.instiengage.com — Cisco Umbrella Rank: 28230
auth.instiengage.com — Cisco Umbrella Rank: 20249
31 KB
4 jeeng.com
users.api.jeeng.com — Cisco Umbrella Rank: 18229
telemetries.jeeng.com — Cisco Umbrella Rank: 18028
119 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2434
1 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2070
741 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 990
1 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2366
mp.4dex.io — Cisco Umbrella Rank: 2499
24 KB
3 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 9046
atrack.avplayer.com — Cisco Umbrella Rank: 10118
71 KB
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3723
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4374
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4566
17 KB
3 lockerdomecdn.com
cdn1.lockerdomecdn.com — Cisco Umbrella Rank: 12950
cdn2.lockerdomecdn.com — Cisco Umbrella Rank: 21204
21 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 466
529 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27256
672 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
791 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
842 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3893
563 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1261
850 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 80
671 B
2 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 738
ats.rlcdn.com — Cisco Umbrella Rank: 1554
38 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
1 KB
2 midserved.com
p.midserved.com — Cisco Umbrella Rank: 20471
14 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 23756
3 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
606 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1580
146 KB
2 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
109 KB
2 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 41069
get.optad360.io — Cisco Umbrella Rank: 24472
719 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 5866
535 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 193308
214 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
324 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 442
382 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20022
336 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 143344
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7892
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11738
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 570
161 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
610 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
44 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
513 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
187 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747
591 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
430 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1548
351 B
1 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3536
288 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2627
585 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 2333
528 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
297 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 3699
1 KB
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2763
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
17 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
779 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1208
637 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646
181 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1818
915 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7095
627 B
1 azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 7140
739 B
1 wordpress.com
public-api.wordpress.com — Cisco Umbrella Rank: 7525
2 KB
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1799
161 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1699
sync.go.sonobi.com Failed
893 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1713
39 KB
1 pushengage.com
clientcdn.pushengage.com — Cisco Umbrella Rank: 14672
19 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
484 105
Domain Requested by
34 thetruedefender.com thetruedefender.com
c0.wp.com
22 s-img.mgid.com thetruedefender.com
player.adtelligent.com
19 platform.twitter.com thetruedefender.com
platform.twitter.com
14 c0.wp.com thetruedefender.com
13 mwzeom.zeotap.com spl.zeotap.com
sync.e-planning.net
12 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
um2.eqads.com
12 dashboard.insticator.com d3lcz8vpax4lo2.cloudfront.net
dashboard.insticator.com
11 mcd.ex.co player.avplayer.com
9 cm.g.doubleclick.net 5 redirects ssum.casalemedia.com
eus.rubiconproject.com
spl.zeotap.com
9 ex.ingage.tech df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
sync.e-planning.net
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
dashboard.insticator.com
8 imasdk.googleapis.com player.aniview.com
8 tag.targeting.unrulymedia.com player.aniview.com
8 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
sync.e-planning.net
ex.ingage.tech
8 ib.adnxs.com 3 redirects df80k0z3fi8zg.cloudfront.net
player.adtelligent.com
acdn.adnxs.com
spl.zeotap.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 pagead2.googlesyndication.com srcdoc
7 ghb.adtelligent.com player.adtelligent.com
p.midserved.com
7 video.twimg.com platform.twitter.com
6 track1.aniview.com thetruedefender.com
player.aniview.com
6 ssc.33across.com df80k0z3fi8zg.cloudfront.net
6 hb.aralego.com df80k0z3fi8zg.cloudfront.net
6 i0.wp.com thetruedefender.com
6 jsc.mgid.com thetruedefender.com
jsc.mgid.com
6 i1.wp.com thetruedefender.com
5 a.audrte.com 2 redirects sync.e-planning.net
a.audrte.com
5 sync-tm.everesttech.net 4 redirects ssum-sec.casalemedia.com
5 prebid-server.rubiconproject.com player.aniview.com
5 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
5 prd-collector-anon.ex.co player.ex.co
5 onetag-sys.com df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
5 tag.1rx.io df80k0z3fi8zg.cloudfront.net
player.aniview.com
5 hbopenbid.pubmatic.com df80k0z3fi8zg.cloudfront.net
player.aniview.com
5 lockerdome.com cdn2.lockerdomecdn.com
player.adtelligent.com
5 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
player.aniview.com
df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
5 www.lightboxcdn.com thetruedefender.com
www.lightboxcdn.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 token.rubiconproject.com 4 redirects
4 sync.mathtag.com 4 redirects
4 pixel.rubiconproject.com eus.rubiconproject.com
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
4 match.adsrvr.org 1 redirects ads.pubmatic.com
ssum.casalemedia.com
bcp.crwdcntrl.net
4 stats.g.doubleclick.net lockerdome.com
4 ap.lijit.com 2 redirects df80k0z3fi8zg.cloudfront.net
4 mug.criteo.com thetruedefender.com
4 gum.criteo.com 2 redirects
3 beacon.krxd.net spl.zeotap.com
sync.e-planning.net
bcp.crwdcntrl.net
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 dmp.adform.net 2 redirects spl.zeotap.com
3 spl.zeotap.com sync.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects sync.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net sync.e-planning.net
ssum.casalemedia.com
3 x.bidswitch.net 3 redirects
3 ssc-cms.33across.com df80k0z3fi8zg.cloudfront.net
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 ssum.casalemedia.com 1 redirects player.aniview.com
sync.e-planning.net
3 securepubads.g.doubleclick.net d3lcz8vpax4lo2.cloudfront.net
securepubads.g.doubleclick.net
3 pbs.twimg.com thetruedefender.com
3 servicer.mgid.com jsc.mgid.com
3 cdn.mgid.com thetruedefender.com
jsc.mgid.com
3 c.mgid.com 1 redirects jsc.mgid.com
thetruedefender.com
3 syndication.twitter.com platform.twitter.com
thetruedefender.com
3 i2.wp.com thetruedefender.com
2 sync.crwdcntrl.net bcp.crwdcntrl.net
2 ps.eyeota.net
2 tags.bluekai.com spl.zeotap.com
bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects sync.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 um.simpli.fi 1 redirects ssum.casalemedia.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 s.e-planning.net sync.e-planning.net
2 adservice.google.com imasdk.googleapis.com
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 pixel-us-east.rubiconproject.com eus.rubiconproject.com
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 id5-sync.com ads.pubmatic.com
player.adtelligent.com
2 p.midserved.com player.adtelligent.com
p.midserved.com
2 research.adtelligent.com 1 redirects player.adtelligent.com
2 script.4dex.io player.adtelligent.com
script.4dex.io
2 atrack.avplayer.com thetruedefender.com
2 player.aniview.com player.ex.co
player.aniview.com
2 player.adtcdn.com srcdoc
player.adtcdn.com
2 cm.mgid.com jsc.mgid.com
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 ads.us.e-planning.net 1 redirects thetruedefender.com
2 prebid.a-mo.net 1 redirects df80k0z3fi8zg.cloudfront.net
2 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
2 telemetries.jeeng.com users.api.jeeng.com
2 auth.instiengage.com product.instiengage.com
auth.instiengage.com
2 pixel.wp.com thetruedefender.com
2 stats.wp.com thetruedefender.com
2 cdn1.lockerdomecdn.com thetruedefender.com
cdn1.lockerdomecdn.com
2 users.api.jeeng.com thetruedefender.com
users.api.jeeng.com
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ssum.casalemedia.com
1 sync.extend.tv 1 redirects
1 pixel.quantserve.com 1 redirects
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ad.turn.com 1 redirects
1 geo.privacymanager.io ats.rlcdn.com
1 sync.aralego.com cdn.aralego.net
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 i.e-planning.net sync.e-planning.net
1 rtb.openx.net sync.e-planning.net
1 pixel.sitescout.com 1 redirects
1 ats.rlcdn.com ads.pubmatic.com
1 inv-nets.admixer.net 1 redirects
1 cs.admanmedia.com 1 redirects
1 sync.technoratimedia.com
1 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
1 ssum-sec.casalemedia.com df80k0z3fi8zg.cloudfront.net
1 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 sync.e-planning.net df80k0z3fi8zg.cloudfront.net
1 s0.2mdn.net imasdk.googleapis.com
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 sync.aniview.com ssum.casalemedia.com
1 p.rfihub.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 ups.analytics.yahoo.com ssum.casalemedia.com
1 ce.lijit.com player.aniview.com
1 fonts.gstatic.com fonts.googleapis.com
1 id.crwdcntrl.net ads.pubmatic.com
1 pbjs.e-planning.net player.adtelligent.com
1 fastlane.rubiconproject.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 ads.betweendigital.com player.adtelligent.com
1 rtb.adxpremium.services player.adtelligent.com
1 mp.4dex.io player.adtelligent.com
1 premiumsrv.aniview.com player.aniview.com
1 player.avplayer.com player.ex.co
1 fonts.googleapis.com client
1 player.ex.co cdn.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 cdn.syndication.twimg.com platform.twitter.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 public-api.wordpress.com thetruedefender.com
1 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 secure.gravatar.com thetruedefender.com
1 geoip.instiengage.com product.instiengage.com
1 cdn2.lockerdomecdn.com thetruedefender.com
1 d3lcz8vpax4lo2.cloudfront.net thetruedefender.com
1 clientcdn.pushengage.com thetruedefender.com
1 get.optad360.io thetruedefender.com
1 cmp.optad360.io thetruedefender.com
1 product.instiengage.com thetruedefender.com
1 www.googletagmanager.com thetruedefender.com
0 global.ib-ibi.com Failed bcp.crwdcntrl.net
0 sync.go.sonobi.com Failed
0 api.rlcdn.com Failed ads.pubmatic.com
484 179
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-05 -
2022-12-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2021-09-13 -
2022-09-12		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
ssl1029400.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-06 -
2022-06-30		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.lockerdomecdn.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
*.pushengage.com
Amazon		 2021-01-27 -
2022-02-24		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
telemetries.jeeng.com
GTS CA 1D4		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2021-07-15 -
2022-07-18		 a year crt.sh
*.a-mo.net
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 02		 2021-07-07 -
2022-07-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
outstreamedia.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
player.adtelligent.com
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-08 -
2022-12-09		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
p.midserved.com
R3		 2021-12-19 -
2022-03-19		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.eyeota.net
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh

This page contains 71 frames:

Primary Page: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Frame ID: EAD0B600E88E54A0E337E77C9083A9E4
Requests: 235 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: C7C1CEAF2560BD878976BCC663EEE7A1
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fthetruedefender.com
Frame ID: 6EF0606E37CBD1CD060C3C39338D03CD
Requests: 2 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 6BF0C188DC9EFE63A80AFBF665405593
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14731549484471654?pubid=ld-2653-3530&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: E2423711F4EA0DBF2E7433ED53347B15
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 51E8400FA725F9F211829CC1D19F58F5
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-183-4563&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: FA450BB03AD24EEB20BE0503E7141DCD
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: 5598E78CA76D84DE3DB0B225EC9DDA48
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
Frame ID: F1069DD0620F5EBD47A6D7840D63DEDE
Requests: 29 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1643383777123&lv=1
Frame ID: C6C86C18A26EE48490935CF138A57E88
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 4791EEA4A7C8DD4B35ACC015845CB1EC
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 56F209FF04445111A579B9BBAF811735
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 573025937F34EA28F403F318AE157885
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: F4F13688F41297741D66738B6F6B7C71
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: A2B4CEF4BC3E159318ED27D68AB05BAF
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: B11BF754C3331F459172AAB866ACD3C6
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: C7CAA43F502B00A77F6D0D558F457C68
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: C7B5348C3CF463B9FFD7A99F6DB5C57D
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 7179EF7F90776C5661316544200D625A
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: DBCFDF69990462CE4AAE4CC7CB2B4948
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: D9EE5151C7617C0591F038B73A3298AC
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 6D7547B8A6A1768B22835B7102D91802
Requests: 3 HTTP requests in this frame

Frame: https://player.adtcdn.com/prebidlink/456495.49388694443/mgadt.449143.js?domain=thetruedefender.com
Frame ID: BAB8A32C5991BC7B3A260F86E639274A
Requests: 23 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1643383778011867413133
Frame ID: 3BC162441B741693DDC3BFCB60B73E14
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: CB6AF72A5D2058A4BE60E027A3A77488
Requests: 6 HTTP requests in this frame

Frame: https://p.midserved.com/prebidlink/19020/j.html?i=11602
Frame ID: 5F96DC548267D59A0D14BD5BA33D456B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D1%26key%3D
Frame ID: E25D26CEA90626FE43410BDD4D2DAEE2
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: FD8BBE479508FE66E9271C10D424BA8A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 23D5C325169816C8BEB02976D6DAE24C
Requests: 11 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=376385&3pid=1643383778975-922024128334-008896-011-004958&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: 6C81D29ADC14B138CD3962D0EA560738
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: 038A6DC70DCA97C97A4F7DFA6701CB44
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: 06C311D582A112C9AFD47FE1ABE51B7D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: A47A3D850EDF539F04FCD4F85F80EF87
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2B49B24FA0B034FBE0CAF094ED9AB27C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1169D0150AB15B6A140A7803EF4F4FFE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 680C87DE7C99A74E3BBCA017D9C4DC13
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: E0AF38E83FB41CEB339C48A2D7B3A35E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 81272A4111F8FCE8B78DB26075523765
Requests: 2 HTTP requests in this frame

Frame: https://player.adtelligent.com/prebid/iframe.html?adid=25c511d8cb4cb7b&ref=null
Frame ID: 8E38F6015D2CFB1F3D7368985B33B1CC
Requests: 2 HTTP requests in this frame

Frame: https://s-img.mgid.com/g/10881043/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0Lzc2MzIxYTRkYjYxNGU3OWE3ZDgyM2JjZjc0MDhmYmRhLmpwZWc.webp?v=1643383778-MSMmrs5DT6HQ_UcOC57uVcwbRFc_Wp-Y7EZZgOQyQuI
Frame ID: 10409EA4A14084D609012AD532E185E9
Requests: 1 HTTP requests in this frame

Frame: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Frame ID: 7F0CA8DB692FC340998017FC31422622
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: B8EDAC50E5FDF4DF7F4C24623F4FA2A5
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406715
Frame ID: E8195535B5C08B7B33BB5A5F1846953F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D33XUSERID33X
Frame ID: F9C62F9B75E4E926FB7FBBAD237473DA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1643383777026
Frame ID: D1B041B24049AA48BDCF031C50729D0E
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 8A1DFBFE99EFA893A6C6F541C3D511B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 0A87591D3F6E3EAA21A6E1E88BC58FFE
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Frame ID: 82CECA5DF6B6B23A23F9F85F12AD9B5C
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: AC5CC5DABC6FDC88B1A7A42925ED7A14
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21&gdpr=0
Frame ID: 5DA1C85C2A5CCF3E804CAFCD5CACCE28
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6E7EEBC2E893668D66E6CC19FDD5B2CC
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bAsyo8U7Or6PeLaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: A09F12D34ED35F5B58AE4385F02C6D07
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 80F15C5A9BFD24B20D28C2EE27DFBCEC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 7FA0AB868F253A89947B357902AE012C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daa0addc041eeb7fe%26uid%3D
Frame ID: A2B4277038B4B65947EA236EE6F5E473
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Frame ID: 84FEABCC96393BDAF69B2B8B2A3A3D64
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 363158C63162CD1F272F6F8C8AAAEE9E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: A0CB69D2F4DB2A781533498693F682EA
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361&cmp=0
Frame ID: A341E6F794A4D31F7C3D79FCFED1226F
Requests: 31 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: EFE04EDA1280F0F665CA8CD31449F2F9
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: BA022F0A5BF2847B10CEDD7FB889EBE1
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/eplanning/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=AFXrAaTzGI5QEAzV
Frame ID: 71D8CE1212E52CBFFDE9C31A814AAEE6
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Frame ID: C363BC5A95F69C5CE459DD7DF07F9CC8
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: A2B61D1C851812E978CC57F055213881
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: 68713447A038A44DDF3DD4D8059F3A43
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: 7FD34CD2852021D10C4572B327A1A4DF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Frame ID: EDE9DA8D66BEABE1C9E13B493495FF35
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 82AA57B410025C3BF348B25CB06264DA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E305103157B603765B5F5C2CC1EC0CEF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 31E89D23FA6C3DFB9E9666170300A2CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3D9F9F15C2E1B269613EF84367F653B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TRUMP Declares He Will Get Back The Oval Office In Behind The Scenes Video! - The True Defender !SearchClose search results

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • clientcdn\.pushengage\.\w+/core
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

484
Requests

87 %
HTTPS

29 %
IPv6

105
Domains

179
Subdomains

131
IPs

11
Countries

9326 kB
Transfer

20393 kB
Size

95
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pZBzEXxUR0Y3L3pZU3M0a3IwZDhyRVRQdnhBSVpYaTQ1ZUlQRVR2L3RjOGVSNWQxN2MzcU81amhsai8zd0xYMnJ5bUt2RzNrQzJic05oYW84Y1ZEK0N5TXVGK0dOSG14Uk9zN3B0b0EvZkxqK3lnZHlRQXFnbm1BSG5PWDJJaHE2M2VvNDZocFljSXJEMnJDQWdua29jalVNbFpWblNKM2JwRUlNWTA0VWhEdTNtWGhXL1dhQ211QjB4V1JYMkRYQldTTnhXM0NjbWZpRTNpemdzazVWRVhmL0NuS3F2djRwbWxhUGVzQnZZUU1HZEFnK21VSTN0WVA3V0c3Um1nSjNUL2FNfA&cppv=2
Request Chain 107
  • https://ads.us.e-planning.net/pbjs/1/25987/1/thetruedefender.com/ROS?rnd=0.08249135331974289&e=300x250_0%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_1%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_2%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_3%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_4%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_5%3A300x250%2C336x280%2C320x100%2C320x50&ur=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F HTTP 302
  • https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.08249135331974289&e=300x250_0%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_1%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_2%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_3%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_4%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_5%3A300x250%2C336x280%2C320x100%2C320x50&ur=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F
Request Chain 291
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 292
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 313
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
Request Chain 315
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfQL4.aFaJRH5L7u-8nPNQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YfQL4.aFaJRH5L7u-8nPNQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHwyogsxmYIS72r7D9DqkFc&google_cver=1&gdpr=1&google_hm=2
Request Chain 316
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6966701791962654085&uid=Q6966701791962654085&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 318
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=643277099282
Request Chain 319
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1976306187885984856
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPoYcy-16bz_s-4DoSupiGA&google_cver=1
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f63961f4-0be3-4f00-b0ba-0f24ee96f431
Request Chain 325
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYYK9R90-11-D4UO&sigv=1&esig=2~9b85ce780eb4250b45633cff0a24a5674806506e
Request Chain 327
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lZSzlSOTAtMTEtRDRVTw==
Request Chain 328
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfQL4wAB9ibh5wBB HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfQL4wAB9ibh5wBB&_test=YfQL4wAB9ibh5wBB
Request Chain 329
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rjeFIuO90eSsCkOXY1wTqMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6516239240358831435
Request Chain 330
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzhkMWIxNGY0N2Q3OGQxOTZlYzI1OTNmZTAyNjg4MGYwYmY0NmYwZA
Request Chain 350
  • https://research.adtelligent.com/load?adId=105c7c5be7f5a5b&iv=1&placement=mgadt-place&c=455,0772&ref=thetruedefender.com&w=300&h=250&t=undefined&title=We%20List%20The%20Top%20Airlines%20With%20The%20Most%20Attractive%20Air%20Hostess&cmpId=2&r=https%3A%2F%2Fc.mgid.com%2Fc%3Fpv%3D2%26v%3D0%7C0%7C0%7CDkPHkdU1HydltWsAIM5rXKIxTyn0KRw9OgzVNX_6q-7fsQBlsrCUXA5ORdR6KVAG%26cid%3D1106084%26f%3D1%26h2%3DL_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*%26rid%3D1b456c44-804f-11ec-8a69-e4434b151356%26psid%3Dthetruedefender.com%26iub%3DaHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEwODgxMDQzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakV0TURrdk1UQXhPVEkwTHpjMk16SXhZVFJrWWpZeE5HVTNPV0UzWkRneU0ySmpaamMwTURobVltUmhMbXB3WldjLndlYnA_dj0xNjQzMzgzNzc4LU1TTW1yczVEVDZIUV9VY09DNTd1VmN3YlJGY19XcC1ZN0VaWmdPUXlRdUk%3D HTTP 302
  • https://c.mgid.com/c?pv=2&v=0%7C0%7C0%7CDkPHkdU1HydltWsAIM5rXKIxTyn0KRw9OgzVNX_6q-7fsQBlsrCUXA5ORdR6KVAG&cid=1106084&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=1b456c44-804f-11ec-8a69-e4434b151356&psid=thetruedefender.com&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzEwODgxMDQzLzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2QxODVOakF2YUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakV0TURrdk1UQXhPVEkwTHpjMk16SXhZVFJrWWpZeE5HVTNPV0UzWkRneU0ySmpaamMwTURobVltUmhMbXB3WldjLndlYnA_dj0xNjQzMzgzNzc4LU1TTW1yczVEVDZIUV9VY09DNTd1VmN3YlJGY19XcC1ZN0VaWmdPUXlRdUk= HTTP 301
  • https://s-img.mgid.com/g/10881043/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0Lzc2MzIxYTRkYjYxNGU3OWE3ZDgyM2JjZjc0MDhmYmRhLmpwZWc.webp?v=1643383778-MSMmrs5DT6HQ_UcOC57uVcwbRFc_Wp-Y7EZZgOQyQuI
Request Chain 365
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%7B%24UID%7D HTTP 302
  • https://ex.ingage.tech/v1/sync/acuityads/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=a61817cdd6590422378b5f3d52977c6f40ad0c0c
Request Chain 367
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/amx/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=0c3e4975-716b-45f0-a3af-2a59f0fb5469&gdpr=0
Request Chain 369
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dinsticator%26bsw_param%3Def4096a2-4bb9-4f99-991f-439b80106b4c%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=24733c9b3ed74358af68dc07cd252efd&ssp=insticator&bsw_param=ef4096a2-4bb9-4f99-991f-439b80106b4c&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ex.ingage.tech/v1/sync/bidswitch/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=ef4096a2-4bb9-4f99-991f-439b80106b4c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 370
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ex.ingage.tech/v1/sync/sovrn/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=7d794016c1f5a6268cb4db34
Request Chain 372
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Daa0addc041eeb7fe HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=aa0addc041eeb7fe
Request Chain 376
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Daa0addc041eeb7fe HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Request Chain 377
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Daa0addc041eeb7fe%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Daa0addc041eeb7fe%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aa0addc041eeb7fe&uid=2776830976548104479
Request Chain 378
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 390
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 391
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
Request Chain 392
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
Request Chain 394
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 395
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 398
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 399
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4403300313697522900
Request Chain 400
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643470181&gdpr=1
Request Chain 401
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 402
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=wpJSXMTBUV3ZkA0KxsUZXMHFAF7ZlQYMlcfbqjWf
Request Chain 403
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c4aa109a-ba94-4c4e-975c-645ecba7ff53
Request Chain 405
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
Request Chain 406
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TW8uJgUuRMx8-jcSALqIfFQTr7c
Request Chain 413
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=db326c28-f13c-4d7e-a0f5-e0eb44acfbff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 415
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=12e991e3-eff2-4023-b408-14a8da9c2828&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 419
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5b92e16a-2a44-45d6-8344-95e6cff4ad66&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 420
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=13068121332584453220933003663617746640&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 422
  • https://bn01.er.bemail.it/zeotap.php?_bid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022012816-39176-0.676279001643383782-a300f6a92519bec3e88331b04ddde8b1&zdid=533&env=mWeb
Request Chain 423
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7058279594180081808&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 424
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=07b200c7-58cf-4604-42ec-bfdfee9f50b8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=07b200c7-58cf-4604-42ec-bfdfee9f50b8
Request Chain 425
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=07b200c7-58cf-4604-42ec-bfdfee9f50b8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=07b200c7-58cf-4604-42ec-bfdfee9f50b8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361&bounce=1&random=2915352157 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=pGFF2/Cx64ji/pEk0NYfIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 427
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=07b200c7-58cf-4604-42ec-bfdfee9f50b8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=07b200c7-58cf-4604-42ec-bfdfee9f50b8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=27d45916ff1f43e009521d51db87ae96&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 428
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-4hRQlBJE2orDmNOIg7RRMNvtBK3g4l_CPw--~A&zpartnerid=570&env=mWeb
Request Chain 429
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BMi8IM7tZ1TL5Iq35HZ0nAFza4ckULIW%2BS41iYitP1U%3D
Request Chain 433
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfQL4wAB9ibh5wBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 434
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f63961f4-0be3-4f00-b0ba-0f24ee96f431&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 435
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 436
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361&dcc=t
Request Chain 438
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Request Chain 452
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&bundle=Y490n19BYXVwQWtOQnp2bTIwSFVHM1E4JTJGTlRiTCUyRlNiQnhFTTNkRW9vT3ZlQjFxTjVQYXU0VFlmSnJkUmZVblh6OUVTbm92Z3ZPOHFwUXViJTJGUTF2ZlJWd213dEdybjluN3RhdlVMaWRlQVJKRlhacTk2QjZmJTJGdmJnOUhuUUZXMlJDS1Vo&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=grkkoXxNbURWTnBrZm1Kdk1ERlFlVEp0TW0yUE5PbjBmN1ptWkxxNzFzY241NW10NEhmdGpaZkM1N1ZlRVA1RHROaUJBWm5KMXoyUGVSbS81QnpaSzVha0RHczRZcHpnUlk3QXVrcjZZSCtNZDZXR1RXY0p0YlZKTWYyUURCNitmM0Q4aitOQysxRHk3Nk1XUk9lSEtuZnJqdElURnVpaGhYWEJyem5ycDNTUGpmcXFQSTVkYWx5TzVoYk9ZSW1QVGtxbVVuczBBbjFaRVAvUjA3MDRVTlRrVnp6T0NoL1cyM0tVSkxTVjlwaWcvdWxvODJWYmtOS1JsZWIreFhtSnRkbVJ1fA&cppv=2
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=&google_gid=CAESEERiNtq9azfVu4a_5vY0bpg&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 456
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=982813497444233584 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=
Request Chain 460
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YfQL4wAB9ibh5wBB
Request Chain 465
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f63961f4-0be3-4f00-b0ba-0f24ee96f431

484 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/ 		194 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bcb2bc1af3cc54dffaac48a9a223f52798ae734db69e29584b0d14dd59fb110

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-type
text/html; charset=UTF-8
cf-ray
6d4b41d3fa109153-FRA
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/43978>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=43978>; rel=shortlink
vary
Accept-Encoding,User-Agent
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
cf-railgun
direct (starting new WAN connection)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
x-pingback
https://thetruedefender.com/xmlrpc.php
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTzPLxvCtey2ijr6JAY6UE9lbO%2FavXpCJmLI5xZ3FBfQuudRTaaQaN66nGsLqkNGo%2FZd%2Fj%2FPNsmKCeArx8w09Q17r7%2FN0SLa6JabuR5K%2Bxgl5CP8DWNlpd9jLe9pEKDzugHP4XI0Ru03zhSl6jY2Usg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
this.png
thetruedefender.com/wp-content/uploads/2021/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2158
cf-polished
origSize=21749
content-length
19502
last-modified
Tue, 05 Jan 2021 23:49:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATGI8YHpJU%2Fk8AG3HxbMETChSRpdIiRmEOSK6YEsihIwkWusPCHW9VXhVE7fvBhzIGQiHrTh4neZdF%2FLyn6weSOqyuacxOK2KIhU%2BB%2BtmTBhu2tPSlFIuFXzDAT0AbC6XzIbbhdXk8USMEFXV2zS40U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d4b41d98ab89153-FRA
cf-bgj
imgq:100,h2pri
Capture-286.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-286.png?resize=573%2C470&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
017241b95937b4c9c966481ffb887262369a10c4cb79127f1970c4f1d75202c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Jan 2022 01:22:02 GMT
server
nginx
etag
"d55a049645e3edf6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-286.png>; rel="canonical"
content-length
102864
expires
Sat, 27 Jan 2024 13:22:02 GMT
tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnSfzRN2X56Sh41Cw%2Bd%2FsuSn6iPVBSguMwJIcKP7HZM2Uc7IzvMNpWkElCiKKusCAm0qYnvvBgU6K6ilKZLnmWMRfG2DRpm91dWf3faFXb07GkFa3Ly2FUyFUztTUAH4E0ZmVluaQE9mdEOFum2JTfM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98ac19153-FRA
fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BO2MWagkzjNxI0ujKMeIR5%2BDNvhL90iB7PcAmJG%2FEJql0up11t6ddQUci%2Boxb%2BIamly2nchVU3i7Cs8gydXmGaGiPnS4MZNZuCkPKK2Hk54GWGKLyqSDVDxVXx9oX%2FHeQSBFjJsLK8mKnYvKg68FtBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98ac49153-FRA
fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ywbz9H4OeSnF97j3xFenFJVXc%2F7q7tizC%2B9WgGckvnE4hUVRTTZKoKG70y97hWHBbW6gGvkfYYFavAhn521IcTAjTHqtaf2A0JaUjboes2B37xZLkbkeyJcSaHlQ%2FeE2REewS9h7Cp8yFNB5Tr8Wvsg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98ac99153-FRA
fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPxBNrzCoOzpSdIy12T1s4BzaVhnmAAhd6Y7b92%2Bg2PxjQQa337U7%2BwCZ9qybdkxuPdnZn%2BxjGChnywCLte0wn0GwukHDOScUGyKxhyjKMB8eTcKVaCPil3W0GxAALDpPPSxzagKeS2RJNZIEWyYYKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98acc9153-FRA
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a75d398625683f08bdbe2c157bfeb05a55749cdfe049b8126c91342339df28b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36120
x-xss-protection
0
last-modified
Fri, 28 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Jan 2022 15:29:36 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iIT8FT4lvp3vXf%2FrFycXDKMqx9JJofN4zYDsaRmi%2BzmwoXGEa1LJBgz4D6f62aLgtfliYAdp%2FoFj2lCN1G9I87ixCQJkBHY5GDzkI%2F%2BZSgs1bEcalALrJBVc6GAJl9wWV6XOweR6dmQI%2FiRrqd6r70%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98acb9153-FRA
style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		171 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHxAiyuxiaJ72NbtMgzs3RsLn%2BC4lr32yyq%2Bi%2Fd8tTTjXO%2F%2Bf%2Bzy7rQoI0Fe117icr6hZAoNQ8Lu83OtCRsncrGXpjbWv7i0rGA2QJiOWvrbW4PjLMYNEC0qUluKaxGX3L%2F%2BJ0Btm96bjock4PIef1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98ace9153-FRA
widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCSEXn6a4OeOS1%2FbveMHjn7wkf%2FoXSS5DQmp7KfayCJnqplJKLf96yUR4e3lxryIAUmkAADQTGRNMn%2FN5%2FL9xMljB0KSxB3iaOfMXb9Y01qnuCvS%2BM8kF7Ah5vkGHGNOY1AglLwDhTPUIwgNsmgny14%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98ad19153-FRA
helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkmlPkbZDTKSNmiqfBOEMZ%2BZ90g5P9O9itSNNrut%2B1TlVaz%2FXplU2iKQqpO6Y6541atE2TCH0DTLu%2B%2BWg3yRMtRq5t5KQ9IRJ168eWSBxXWtalMWfQKIRSCZdrVno2RKa6304FB%2BV7aih4pQUuhEqZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98ad29153-FRA
fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
cf-polished
origSize=58662
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PwD4qyNto9UAy%2BDAyJ%2FHZaS9ccYCy9QPcI1amU6kds%2B8xF7kcg9OxsZoLYh9Ll8TfZER0KRwBTMrYI3wID4XECQnl84125yB1NceQds%2BHOcYNUjaDbbC%2BHuNoBOIYy1sMXKIqOyZB9r6eBynlw5mvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d98ad99153-FRA
cf-bgj
minify
skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
1017
cf-polished
origSize=12018
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vr6mhRTZkz4aW%2FA2%2FCF1ySE%2F4Ur%2FMp9T0qyfUbPL3gWF4gQlvXG32bRKVrgOa7lwIl1Z2Th9lKX3iiprC1Wn639HDwnHvV4vApD%2B4Uj2gG4nVu8cM1kEyATmXfemdd1NdWP8UPPRvINSOT9Zf7Jqdyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d99af59153-FRA
cf-bgj
minify
shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8xzSD8mlHhKRwoRC0d1AQq4GBFeqqgjPvblnympi6UBUhIENrYQwuXbny557kqqHqNBOSh54tCC6gdUnOWwk%2BbUGAbGhYTUX7UaeOX46t9dsE%2FjkRQNQSTSFqjmW4RPfEfxIy2RJ%2F%2Bk8wd9hymYri8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d99af79153-FRA
single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0AXbR335Cu%2FcFzQxwCV%2BnYVlLjGNH6d5NX8RdPh%2BcSVmn1%2FzHKz0MWSuUrzwaAHQrkbzuCfAEybYgwWapFnOc772QkGMd7CUKwkozByLvaHoZhGuYYeyw7S75jYYwjEVdo5%2FVc%2FgH%2FHXHBBSdSXHHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41d99af89153-FRA
wp-emoji-release.min.js
thetruedefender.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:55:33 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3w7Ub9k%2F3bag5DLriazox6Imb1HoW3%2F%2BYlejzoGM3jIeQMAq%2BdpKdGqLcY%2Fcf5OxNbyrfBBuj18pJXljRrg8AEzKHjzRHI39uqcCEDd4qWG8LMwjABKHxCMNoB1c3KLie0FqEipGt1RQnqieLOiz6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da1c5f9153-FRA
print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		2 KB
935 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3913
cf-polished
origSize=2175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXHzIUb%2FXUmJkWzGnaXGXtLDdZDv9k8%2BGvaA946rqBxHs7gFdkEk8xENeFVTsoVQAvAzhJwOwdq0Hqp504dG7%2Bb%2BWRJFIJN1BImBAAU1n%2F9vwvMNiXCPO8%2FTZJhRykoixt27U3lR6HIolwM%2BuD1xwIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8db79153-FRA
cf-bgj
minify
jetpack.css
c0.wp.com/p/jetpack/10.3/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/css/jetpack.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 19:34:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
frontend-gtag.min.js
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.2.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:18 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oywAs2n8jNwRuF3ELCHNAvv3qRceEPy0nkhnpeht3GxQiBH7arGzWztgHTGhwCPhezCXPoB%2FytzBWsPHQdRXKclz4ersZSgcpjoNlXjiYqoMfLzfRpYH9KipNp65SZdgL20ku56Rddacdn61vI4AliA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da2c8d9153-FRA
jquery.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
frontend.js
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 		439 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:16 GMT
server
cloudflare
age
3914
cf-polished
origSize=1539
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFMtq15d4cRJpE6S7A9bRRIrjq0pwInz2OUddABEmW%2F9r0h6hyCp01BIqWce5vTZOE8KtetBtxmdw51Sd8bnrO3SvrvouxM8xCWSqCYdnWTAGg2NIiUSSHKgdoVaO1gzhabewyQxetQAwmrTHnoDnDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da2c929153-FRA
cf-bgj
minify
jquery.form.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery.form.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:53:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
just-contact-form-ajax-script.js
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 		388 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Nov 2020 12:53:32 GMT
server
cloudflare
age
3914
cf-polished
origSize=463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgeK7Cfo1e2hHee1GjjcqL0%2BnR1PJDs%2BY6OM2ANP%2FrhOVHzmT1J4SCmWRffvWuM00MFPz%2F1ibnUkLWv3jNTYNn9l%2B%2BaGDAlDu5BJ2MF8BUX%2FRKmzpwFLXTGzjn0MxinGBKVDjbZph2YdcRicEVCeZt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da2c939153-FRA
cf-bgj
minify
/
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 		355 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c4e35dcfbc24e7fd225de7b09fd4754331c2811697a2840ae937abcaf89aa2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
3008
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
cloudflare
etag
W/"58a15-E03yNsKIxEIrnYgUvXVwtaFipiw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-cloud-trace-context
943287999b272edc5ccc77aa24b2bd38
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
cf-ray
6d4b41dac8e690b8-FRA
x-amz-cf-id
aSZTL2Zq_tZL1xqhkamAQkAZoBzgpavrF81VMvWfYRTQdDsEbhicGA==
bb28d960-28c3-46bc-ac88-49bbb3388212.js
product.instiengage.com/product-loader-code/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fe00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
bIQ9716BHe3t43Xg6yxx44tQ9I26K00Z
content-encoding
br
last-modified
Thu, 02 Dec 2021 20:40:54 GMT
server
AmazonS3
age
3213
etag
W/"3e178191a86d02cb48d2376422824cdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Fri, 28 Jan 2022 14:46:21 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
bDPEwDDPNdQ2wSupbBjzRIXAcDAFSqXCawawsGxbyrWSH1vccuDHSA==
f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
cmp.optad360.io/items/ 		2 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9e00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 09:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
2
x-amz-cf-id
87se_PnnjyzRfdPHTtGtYia_gXTiIl_wYkVy0DfmYIRF4EsEjlFD_Q==
plugin.min.js
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 		2 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 14:31:20 GMT
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 08:34:55 GMT
server
AmazonS3
age
3497
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2
x-amz-cf-id
xuHQ7LKzaaiGk0lfH8PuXXd3qVz8a_31itN7ByzKtAvu17zJwSbpxg==
lightbox_inline.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox_inline.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3372afc57b6c3cbc817b01d0aa4690b372cb55c6021266048ebef5141fd87b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
AIuCN8rPaYWiXdzPPd1cEA==
cf-polished
origSize=2379
x-ms-lease-status
unlocked
last-modified
Mon, 17 Jan 2022 15:14:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
cbc2d1fc-f01e-0035-2bb4-0bb665000000
x-ms-version
2009-09-19
cf-ray
6d4b41dadf63699f-FRA
cf-bgj
minify
thetruedefender.com.1229464.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229464.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258c3c8991ced4ff294714e8e52d949478b0e181adc508824e00b439e16b8921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
age
1483
last-modified
Thu, 02 Dec 2021 17:02:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GXBQ055S391PSP46
x-amz-id-2
oEkFBuhxTAy6Rh/YFsbgmHRPoESQNQ9HZaIkOheWG7qovpOcJtO0L4ApwQpdr9dw8k0IVmMsrlI=
cf-bgj
minify
server
cloudflare
etag
W/"12c98d209166a2397db3821834240861"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d4b41dacfce9142-FRA
expires
Fri, 28 Jan 2022 18:29:36 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:36 GMT
Content-Encoding
gzip
Age
1355
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29180
x-tw-cdn
VZ
Last-Modified
Wed, 19 Jan 2022 19:22:23 GMT
Server
ECS (frb/67BE)
Etag
"e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
thetruedefender.com.1229463.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
650f2ee76b851b98068fb97f4d7fa8391521044e301472433d17a28fb210c1eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
age
1483
last-modified
Thu, 13 Jan 2022 15:02:31 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7QAN4FJT1NQAQKAJ
x-amz-id-2
wyTi0dyMKec/YX7YsTEMXBMfD5J7lFgJ4N3bhUX16vS35YGUnBMkvuDcT3vcxbOMZvV3eoDoR9M=
cf-bgj
minify
server
cloudflare
etag
W/"ecdc62ddfd760c4e2f502cb47dd23cc1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d4b41dacfdb9142-FRA
expires
Fri, 28 Jan 2022 18:29:36 GMT
email-decode.min.js
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Jan 2022 15:58:45 GMT
server
cloudflare
etag
W/"61e83535-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfqOm7Eg36pq%2FXNi3PcQrQ0tqNMUBOOHsuScleWESCQrj%2FQnR4orLn7%2Fwm65QWan7sEObMVrpg0uUHAfMWtBqhZdVRSST8ZBABXmZ%2B43sSqNl8FpJ7ucBXH3nC%2B7SzblrgTaXMTZWXY5mayuoCZaj18%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da7d6d9153-FRA
vary
Accept-Encoding
expires
Sun, 30 Jan 2022 15:29:36 GMT
thetruedefender.com.1229983.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229983.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd05863522b536607f8b669ad1ebe934ad487cb8252a4f6bb9f44931681cbd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2873
last-modified
Wed, 24 Nov 2021 10:55:11 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
6H5TB9S762E2HRWF
x-amz-id-2
/F2Ew3HLIP6kbNnq9DIYXTKCWbxAqqxQ+ct6DjN6LO4dvyC1S0K2VmtYXfJesPcxd58ouSrDGpE=
cf-bgj
minify
server
cloudflare
etag
W/"c5065e54c82b6663bfdf2509cb7062bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d4b41dacfe09142-FRA
expires
Fri, 28 Jan 2022 18:29:36 GMT
thetruedefender_thetruedefender_sticky.js
cdn1.lockerdomecdn.com/embeds/ 		1020 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
5SJgwcOSQVDADRfSedXeHumqp.bTbaay
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 16:39:44 GMT
server
AmazonS3
age
36861
etag
"5bc9056f1e2006913082934b4e7f8720"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 28 Jan 2022 05:15:16 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
1020
x-amz-cf-id
_bhsSOxBO5B1LWqrXLQZ63IUerKEdcj6-z1ZGt0emC5biifMy1keyA==
frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=7.2.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:18 GMT
server
cloudflare
age
2486
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u2iJrsWbIHIAytwqduqtLA7ckpN1KLpdRvQAjWBdhlstEVhVa0cYJE9tYVPGrvNENjUCJaVb6M72hKL3QmSD9ZjzO9qBHnwklk471c0i0zOvMoeGaaYUOfA2lpooEUWzKEcZuMlPvGAhqN9kKqjYlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da7d849153-FRA
photon.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/photon/photon.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js
clientcdn.pushengage.com/core/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-24.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:35 GMT
content-encoding
gzip
server
nginx
age
1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
asa4D1169bVg1cR_Yo865ybj7JWjBCLOIWCIJT9iabS6WPV7YxcwFQ==
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
regenerator-runtime.min.js
c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 00:06:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
wp-polyfill.min.js
c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Mon, 14 Jun 2021 23:18:11 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
hooks.min.js
c0.wp.com/c/5.8.3/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/dist/hooks.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:17:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
i18n.min.js
c0.wp.com/c/5.8.3/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/dist/i18n.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:17:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
jp-search-main.bundle.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5eaddb09f331de307e587736737c57d129e68160aa2f6bab695635d054155ec2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Tue, 26 Oct 2021 14:48:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
w.js
stats.wp.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/w.js?ver=202204
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
server
nginx
etag
W/"61dc645f-2a3d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sat, 21 Jan 2023 14:38:23 GMT
intersection-observer.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZl7wg23%2FKjZ9E8inphLQhGgYS2vlWqVRDUfq9zzYHklkCrhyJMY6%2FDLpJfDR7EUIUJFul57I53ETPdC6vCnTfv2GM5Y157OvBUBp85CHGvYizZ00NRtIOBmuk%2FP5OcJNNrCB6fmxmiM0RPXk4X44hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8da19153-FRA
cf-bgj
minify
lazy-images.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNvSqRd5EPCJ48L21xlgCCZakw6Aq5c4WYk6LGBB1P9ORNI4kesAePbVTcDOuYbhKD3l734OcmhvbaWAez73%2FVx8ydCBRGMzwtKIIGzVOWsouK0YH4QdJlV8MqRRW1NQOvFfUhekJku5RuTgyEOOLP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8da39153-FRA
cf-bgj
minify
scripts.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4aveytezsj8db7GrD5A7dLLOEbrd53mngIzvwV7WSsV2E%2FUadO7aukgVfaniZCr25w9n556yS1B9rWjcxhEB77jCGf7c%2BSfIn7sByxPphStWBcpQsmh4urTBq4PuZKg82HkApzBuEl6dza42rWq4Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8da79153-FRA
lightbox.js
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
cf-polished
origSize=81423
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVRC0nkCrKBIC5gHDldBnJ7dThr7lcUmDgehYQp%2FQsoJQGzbhrf%2BQlPe1HBp0jPiSMd%2FL%2Boi%2FRvl2HrS0roF5trv3beguQ3Jim7CQ7%2Bt2A72iLtSTaRz55WCfNoODSnvYvnmbR3U%2Bn0sh0v8zgOIutI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8da99153-FRA
cf-bgj
minify
sliders.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXQbg4Ys%2FEPKGgRtJcM1T%2F%2BWvaRrFaTzysozWjBplR5xXv98W3HgrGcoq2Qa1hr1jaiTCCsV5ku4bP9LV0Rtv5d4ZGD%2Bix02CcV1xN9f6sKsuCT7GWiESe2IJd17fiULo%2F%2FFAH0tzloynpU8wZrzx%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8dab9153-FRA
shortcodes.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
cf-polished
origSize=11181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGjghZLLjQqrK1Ia9kG%2FPhTdIn9h8v9itScL43Oy5rLux7F8zuSivqDBTBAwsS7J1Z00pL5Z3B%2BPMeSygYYSdrpp%2BhwDq1XRSrtBGOyW49hMxLgXVUOyd6jox1K0PxzTFFEWwTzmqnNG9yJBlKEM5Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8dae9153-FRA
cf-bgj
minify
desktop.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2486
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KH45hZ8uw5q%2FywRI9bnyTTJh3oYfyM%2FcI7bQT9p0Xmcb%2BgCvTqJYhJNPRCv%2B6jomdHTsnhda0o6B74%2BKR5ZZOb7GGP6kE8Y5F%2Bjwx0lrYl%2F8MH2QbzPWlyETdZCe1PB6kxP8pesgbjmNbRtyfn804Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8daf9153-FRA
live-search.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2486
cf-polished
origSize=14601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBT7iIeRh2vu%2FkQt8rdUhJH2HCgcDlhe1Si8yUi2bZrDjdGC9Ezeg0Yap%2BxDZnIbWEvenxk5AwkJtxdXX1vY64Jq1QmLmJ%2F9EhQfqmjKB76W81KadxuP4MBHfeDyVifSdIzeq4yuvenmat0KLIQmAd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8db29153-FRA
cf-bgj
minify
single.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywdIxE6ET3PVoynuCY1B9ya8z9vepFqWzeewszVpvBsGehLgRG2ry%2B1CwcGdtbzwNURVt7d7KF953YZTQxV9KgbrDzo0GdvYo2Bd40%2FiCTITndPzqVWXJTi7Gzoa5YR%2FbAHTu0YzcI6S7iLnSqEuB2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8db49153-FRA
comment-reply.min.js
c0.wp.com/c/5.8.3/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/comment-reply.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
wp-embed.min.js
c0.wp.com/c/5.8.3/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/wp-embed.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 28 Jan 2023 15:29:36 GMT
br-news.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
3914
cf-polished
origSize=5594
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbaNAJrAQj3qXH06I%2FkQyGUd5F0EnB28BW9F7ozrbecseeVrU7an28fs5GxI1XSsDdmC%2Fum9YFlYSo6jQQ1Wdntsr%2B%2FIFiBDbjSYwylqcn5qcpTGGD2aNtmahqDj2%2F%2FPJotlVFptg19%2BTXzFk7Rs4oM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41da8db59153-FRA
cf-bgj
minify
e-202204.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202204.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 16 Jan 2023 08:44:13 GMT
bb28d960-28c3-46bc-ac88-49bbb3388212.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		130 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0168bb2cdfa0702afab8cc44da19d1386f30604166c8a48ef5d24a04ffe00555

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
EhODs8WHy46KFOdA65kTp2Rf.9rXOFZN
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 16:24:17 GMT
server
AmazonS3
age
39
etag
W/"508619bbb967356781f2f36628bfb866"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 28 Jan 2022 15:29:36 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
9HDSMu8ansV7DGvqgcRx0U0wgcLH9IhaAvm_4Wn_nWplvZrLv-v6Zw==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9a00:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 03:05:41 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 06:37:24 GMT
age
44635
etag
W/"14de-17e7b5aa3ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
HECCoEOO3dJtnYutERBfsKOt10aSurmHNWvn_iGdHfdlpUfmAEjaUA==
Capture-285.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-285.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b4dfad2752081001e1a24e4b2ea9e5038d31f6779a1bb4a0967abf956c223f17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Jan 2022 03:11:20 GMT
server
nginx
etag
"cb7ffaf08df51c33"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-285.png>; rel="canonical"
content-length
84608
expires
Sat, 27 Jan 2024 15:11:20 GMT
Screen-Shot-2022-01-27-at-6.09.20-PM.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-27-at-6.09.20-PM.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1a0dc0455fa0ad7e7b19040f43ab5f293d566061f272413b184c0afc81b2bb05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Jan 2022 17:02:33 GMT
server
nginx
etag
"042ec4643ba8e9a7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Screen-Shot-2022-01-27-at-6.09.20-PM.png>; rel="canonical"
content-length
72036
expires
Sun, 28 Jan 2024 05:02:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6882
date
Fri, 28 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 28 Jan 2022 15:34:54 GMT
thetruedefender.com.1229463.es6.js
jsc.mgid.com/t/h/ 		246 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e6ec0e51de1768c9cc488c8fe4ad9cc6f6673fde8e0055f909ab8d463fead1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2120
last-modified
Thu, 13 Jan 2022 15:02:31 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7QAR6D92A58541JW
x-amz-id-2
vvJ+BS5//bOjOGwiVb0E+RPQjG7zqF+AA0YJxDvIRsSQ5VysSkVftT289ZsgG5b7tqFjmFexmS0=
cf-bgj
minify
server
cloudflare
etag
W/"c2796d4627acb56f24d80bbc633de1fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d4b41db69b79142-FRA
expires
Fri, 28 Jan 2022 18:29:36 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.9849415370618944
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 28 Jan 2022 15:29:36 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=189343063&post=43978&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&rand=0.3586796219358528
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 28 Jan 2022 15:29:36 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
thetruedefender.com.1229983.es6.js
jsc.mgid.com/t/h/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6cb0f5e2652428d28bc89a7ee2bbb5bff7f695539f18b381b1ce1421691737

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
age
3208
last-modified
Thu, 02 Dec 2021 17:07:54 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
17V7BD4GAKG769GV
x-amz-id-2
L4aolxskrMfRJTU9WuUfJAosPUQbO7xAb7X+TRKi+Yza0l0qCkSDqEp6c3x0aHPGF1PzQ2guRVs=
cf-bgj
minify
server
cloudflare
etag
W/"27d61387feb6708781d29b1b11deee3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d4b41dbab185b68-FRA
expires
Fri, 28 Jan 2022 18:29:36 GMT
/
geoip.instiengage.com/json/ 		210 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
caa46a0a5ac5d29e7af5437c5c57c2c67bc7d8873a38d0e364aa987824342c20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:36 GMT
access-control-allow-credentials
true
x-database-date
Thu, 27 Jan 2022 22:59:32 GMT
content-length
210
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame C7C1 		73 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fe00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
content-length
73
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges
bytes
server
AmazonS3
date
Fri, 28 Jan 2022 15:28:36 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache
Hit from cloudfront
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
DRTea4XhLSnz38K7FCf0Og7ab-ThEH8x6GdTMh7U4q6HREu7sC1DOQ==
age
61
thetruedefender.com.1229464.es6.js
jsc.mgid.com/t/h/ 		242 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ce7903d938e7354183e90e6494a5f52749f8fb7a6a432224b87df818919db2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2710
last-modified
Thu, 02 Dec 2021 17:02:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B4M0WE6TZRRNZ6EQ
x-amz-id-2
JXib1pnBPNXh1kOAyB/ca/dJ6aMeWRfAypBX+BMG+9NSBioTpFV6MJa3NSnJvcc2XKwdRXX3Amg=
cf-bgj
minify
server
cloudflare
etag
W/"e72aa93ead576c23423a674cade83906"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d4b41dbbb265b68-FRA
expires
Fri, 28 Jan 2022 18:29:36 GMT
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
content-length
0
date
Fri, 28 Jan 2022 15:29:36 GMT
via
1.1 google
alt-svc
clear
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
via
1.1 google
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
clear
content-length
15
widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html
platform.twitter.com/widgets/ Frame 6EF0 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fthetruedefender.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
38068
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jan 2022 15:29:36 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 19 Jan 2022 19:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BE)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
jp-search.chunk-270.e200588ee02c9e4e229e.min.js
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-270.e200588ee02c9e4e229e.min.js
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff033508b8624a0129f8ea258ac6173094026133ce8bc8a33aeb7bddcf7ab33d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
3913
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNrFPVmq5BTvv0wZkLKMMELQyf%2FgFWQMVxz%2BFZ8dl0qNck4%2Bp9gOf0kZ3yAJobvkR%2BH8Odx3JFL7QOhHX45hCIiQVEGdgw1LledgFs0v9oHxfNQUsMTWPmdJFkcLFjjACQ%2BTIcm8pFxbSZyNTGZ7VU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41dbe9e49153-FRA
jp-search.chunk-main-payload.cfde3805b7883db5efb7.min.css
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.cfde3805b7883db5efb7.min.css
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf59871c87ce926991eb9b430d0ed68972fab10078e539342186fb4986066c6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
3913
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5AJ3XSuZFC18eaudNXbs5cQBacFfaCUJr5WfiIsal1Ukbp7dE9WGED%2Fw9hFzsSea0whvjEnfN7KmQmEeMWl9WXDFuRCwuQW5%2B8EQSgZS6KTFq4MxOyquFJ71JyAaTMPGqas7BPhQWnaXc6JqRkfKPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41dbe9ec9153-FRA
jp-search.chunk-main-payload.885bc75706af563a7288.min.js
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.885bc75706af563a7288.min.js
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6eeba7d41a74f215acdecfb35980cdf37fbba10119b999992fb4f79e9cd16e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
3913
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkqhN4WP4yOD6cJWBE1RZMIbejNwfO8ZxncHWrlTba9UNHKeZdl%2FTUpCYJ1JUD%2BtBCpQg92OdyxrZYG%2FE82%2FZCeDZop1llPQaZmwG34tA7jIaZokApsMAYGuYE4Fcn601YHxCCOHsj3FNcobKYQKAkM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41dbe9ef9153-FRA
entities
users.api.jeeng.com/ 		223 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=5.6&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fb9c9fdd563e6bc5e905c33640c6ba9c7856e123882d3fb2c5f10745e965040d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
DUS51-P1
x-powered-by
Express
x-cache
Miss from cloudfront
content-encoding
gzip
server
cloudflare
etag
W/"df-GhCBGKMpfPujXEFdfnu7vKEimMM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
6cfed065d7618cfbc722a56beedf0be6
cache-control
max-age=3600
cf-ray
6d4b41dc4e296921-FRA
x-amz-cf-id
Ds05goyImxChAsk0uw49n-MjdHPluyriM6J4xBOP658M4LaoFRtU4w==
01552dc04c1d234a01413add9d8d09cd
secure.gravatar.com/avatar/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5fbe9ba88d92aaa1bd6b215881e3a4e52ab4af2138d1907c2b84d28adfbe487

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
last-modified
Wed, 17 Feb 2021 14:09:30 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="01552dc04c1d234a01413add9d8d09cd.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g>; rel="canonical"
content-length
39868
expires
Fri, 28 Jan 2022 15:34:36 GMT
Untitled-10.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Untitled-10.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4a09293cc6ed3781f2bd224cb4ff8c200c19ca350fdb0415f92336d5bb1e74b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jan 2022 13:38:50 GMT
server
nginx
etag
"e6010a7cfeeb97a1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Untitled-10.png>; rel="canonical"
content-length
33550
expires
Mon, 29 Jan 2024 01:38:50 GMT
Capture-300.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-300.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
95622daa4e89cb367af0f161d510f9394cd8b1f78daf81d53967723d8f3f7803
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jan 2022 12:50:03 GMT
server
nginx
etag
"e875c133f6910a5e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-300.png>; rel="canonical"
content-length
39468
expires
Mon, 29 Jan 2024 00:50:03 GMT
COVID-19-Vaccine-scaled.jpg
i0.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/01/COVID-19-Vaccine-scaled.jpg?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
98e1b2ca89e7684e9db31756151917bc07e80785dc1afa769dd3e6dbd7ba90af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Jan 2022 12:03:13 GMT
server
nginx
etag
"46c6908e5915bea8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/COVID-19-Vaccine-scaled.jpg>; rel="canonical"
content-length
4388
expires
Fri, 26 Jan 2024 00:03:13 GMT
eyJ1IjoiXC91cGxvYWRzXC8yMDIxXC8wN1wvZWxvbm11c2suanBlZyIsInciOjEyMzAsInYiOiIxLjAifQ.jpg
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/eyJ1IjoiXC91cGxvYWRzXC8yMDIxXC8wN1wvZWxvbm11c2suanBlZyIsInciOjEyMzAsInYiOiIxLjAifQ.jpg?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
cdce7efb7e2f61fdd06672e77df88e2346b564de2603a29fac193077bafc59ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jan 2022 12:50:02 GMT
server
nginx
etag
"999b4bc2697dae03"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/eyJ1IjoiXC91cGxvYWRzXC8yMDIxXC8wN1wvZWxvbm11c2suanBlZyIsInciOjEyMzAsInYiOiIxLjAifQ.jpg>; rel="canonical"
content-length
6044
expires
Mon, 29 Jan 2024 00:50:02 GMT
Capture-299.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-299.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
cc9646144f055f8efe45bc8fcd88327a4f868b7d218632fa2bf062c3a626e33d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jan 2022 12:50:02 GMT
server
nginx
etag
"a23faf99590d168b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-299.png>; rel="canonical"
content-length
35262
expires
Mon, 29 Jan 2024 00:50:02 GMT
sjs.js
cdn1.lockerdomecdn.com/embeds/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4cc6696aa07f6d30c40b78120630256a4dc0253fa916d6f8662874c52c31bfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
JlrJxrw4PUHBe5vaYNP.8A_1stk_uR92
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 02:51:44 GMT
server
AmazonS3
age
39758
etag
"1be285356b5d9ac3d0319cc622757910"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 28 Jan 2022 04:28:37 GMT
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
17333
x-amz-cf-id
amzEogfsDz4LK7MXRxyuCjhXThT5RrKUevYXmmxUDIZeg-mMxuftGw==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 14:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 28 Jan 2022 15:31:31 GMT
/
geoip.insticator.com/json/ 		210 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
caa46a0a5ac5d29e7af5437c5c57c2c67bc7d8873a38d0e364aa987824342c20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:36 GMT
access-control-allow-credentials
true
x-database-date
Thu, 27 Jan 2022 22:59:32 GMT
content-length
210
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 6BF0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
efb019eb-4da7-4412-aeca-b02b77774eae
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
bb28d960-28c3-46bc-ac88-49bbb3388212.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		263 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8c00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ceec937766f402ce18c6de4f042cde8f4c09af0a7099a6ebe894c58eebcba706

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 05:21:58 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 18:05:39 GMT
server
AmazonS3
age
36459
etag
W/"def67806043c3260b35d132f1d8a0f98"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
tGSo9Cm2j5Lz4qqjdHg4bgPX4.hrCJNy
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
3bUE6QmP24E1YtzX9ounvxchalmoBWgw4ZKVmh7gyhmQ6whrTUhVvA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bf9914de0e14f76ad19382ccdc1e33dca7f3978965c9d68b6c4156b882b4c317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 23:47:54 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31be3-5d5f803b60756"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=47007
accept-ranges
bytes
content-type
text/javascript
content-length
63934
expires
Sat, 29 Jan 2022 04:33:03 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		619 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07a04484b5cc7e5f3efd517ff33e622694077bb6089bac91d97c493f7a546c6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:36 GMT
Content-Encoding
gzip
Age
3118
X-Cache
HIT
Connection
keep-alive
Content-Length
88462
x-amz-id-2
etM/bJO4SiJyLwCjU2ID3OTGbyeSL4oAlaIi5vJxO2Z/I8yGUAKZBO/kTbqdPuctMaNVboU1PUQ=
X-Served-By
cache-hhn4058-HHN
Last-Modified
Fri, 28 Jan 2022 14:34:39 GMT
Server
AmazonS3
X-Timer
S1643383777.770072,VS0,VE0
ETag
"5b93b7376cdda7a194aad87b9ac19427"
x-amz-request-id
5KMJY9PN6DAM9BNC
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
147
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-80.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
81722
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 27 Jan 2022 16:47:36 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
r5sXWNAVqn_MjDlhLxaVZoQlZ5dFZbU1NxfOIe2SMhqxVUAJqQkROQ==
14731549484471654
lockerdome.com/lad/ Frame E242 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14731549484471654?pubid=ld-2653-3530&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 28 Jan 2022 15:29:37 GMT
13997836195017830
lockerdome.com/lad/ Frame 51E8 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 28 Jan 2022 15:29:37 GMT
14009642120598886
lockerdome.com/lad/ Frame FA45 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14009642120598886?pubid=ld-183-4563&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 28 Jan 2022 15:29:37 GMT
bundle.js
auth.instiengage.com/auth/ Frame C7C1 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fe00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 14:58:37 GMT
server
AmazonS3
age
235
etag
W/"3f019eeba204464fe4c8dad30cf9150b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
date
Fri, 28 Jan 2022 15:25:42 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
AadESMqC0BRYZH81AicBGX5Bjayz_mDfDOX1rvOQiC-Tm3HiRk6mVQ==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=493494788&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&ul=en-us&de=UTF-8&dt=TRUMP%20Declares%20He%20Will%20Get%20Back%20The%20Oval%20Office%20In%20Behind%20The%20Scenes%20Video!%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1722184517&gjid=1375784507&cid=1609817729.1643383777&tid=UA-186892928-1&_gid=1083317317.1643383777&_r=1&gtm=2ou1q0&did=dNDMyYj&gdid=dNDMyYj&z=1247242124
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
14447308783736934
lockerdome.com/lad/ Frame 5598 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 28 Jan 2022 15:29:37 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-46.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 21:23:07 GMT
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront), 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
age
65189
x-amzn-requestid
9349c467-5d77-4b88-9797-710591dd8863
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA6-C1
x-amz-apigw-id
Mn8BZHzrCYcFZ9A=
content-length
555
x-amz-cf-id
wcM_ChldNEOUfUW91ayAtH88Lkig5mn0EmEy1uriAIFyzbiRUfPXEw==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-41.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
46670
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 28 Jan 2022 02:31:47 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
unMTwo1jTFObQ_8DTBbw04KPkmt7fof0XnBylhlionFwtGQeZjJemA==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1371
date
Fri, 28 Jan 2022 15:29:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pZBzEXxUR0Y3L3pZU3M0a3IwZDhyRVRQdnhBSVpYaTQ1ZUlQRVR2L3RjOGVSNWQxN2MzcU81amhsai8zd0xYMnJ5bUt2RzNrQzJic05oYW84Y1ZEK0N5TXVGK0dOSG14Uk9zN3B0b0EvZkxqK3lnZHlRQXFnbm1BSG5PWD...
344 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pZBzEXxUR0Y3L3pZU3M0a3IwZDhyRVRQdnhBSVpYaTQ1ZUlQRVR2L3RjOGVSNWQxN2MzcU81amhsai8zd0xYMnJ5bUt2RzNrQzJic05oYW84Y1ZEK0N5TXVGK0dOSG14Uk9zN3B0b0EvZkxqK3lnZHlRQXFnbm1BSG5PWDJJaHE2M2VvNDZocFljSXJEMnJDQWdua29jalVNbFpWblNKM2JwRUlNWTA0VWhEdTNtWGhXL1dhQ211QjB4V1JYMkRYQldTTnhXM0NjbWZpRTNpemdzazVWRVhmL0NuS3F2djRwbWxhUGVzQnZZUU1HZEFnK21VSTN0WVA3V0c3Um1nSjNUL2FNfA&cppv=2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
91418ae747d2d16ee1ec7c9a68b657ee0d4e2d7e96159551a163ba775f2f2ec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2142
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:36 GMT
location
https://mug.criteo.com/sid?cpp=pZBzEXxUR0Y3L3pZU3M0a3IwZDhyRVRQdnhBSVpYaTQ1ZUlQRVR2L3RjOGVSNWQxN2MzcU81amhsai8zd0xYMnJ5bUt2RzNrQzJic05oYW84Y1ZEK0N5TXVGK0dOSG14Uk9zN3B0b0EvZkxqK3lnZHlRQXFnbm1BSG5PWDJJaHE2M2VvNDZocFljSXJEMnJDQWdua29jalVNbFpWblNKM2JwRUlNWTA0VWhEdTNtWGhXL1dhQ211QjB4V1JYMkRYQldTTnhXM0NjbWZpRTNpemdzazVWRVhmL0NuS3F2djRwbWxhUGVzQnZZUU1HZEFnK21VSTN0WVA3V0c3Um1nSjNUL2FNfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1959
content-length
509
expires
0
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201261844/ 		185 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201261844/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
481f91bab5bfe29d46a7c0890dc6d1780018692ef4920bf441db8b18698700a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:36 GMT
Content-Encoding
gzip
Age
738
X-Cache
HIT
Connection
keep-alive
Content-Length
60220
x-amz-id-2
prkQWAqZYqO7zf9LGKSVlt6TnLM0sW5OULDloaPWeYffy/k7eI9tzJq8PciVgxOKA8gAPTp2fHRzXN1TNgEQAg==
X-Served-By
cache-hhn4058-HHN
Last-Modified
Wed, 26 Jan 2022 23:45:59 GMT
Server
AmazonS3
X-Timer
S1643383777.892388,VS0,VE0
ETag
"f04b0f11b8b9282146c128d90ea7d4f2"
x-amz-request-id
JPTMXS86BZ749515
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1235
settings
syndication.twitter.com/ Frame 6EF0 		232 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=5ee78db7a8e1cdd62dec878e8c790fba094c171d
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fthetruedefender.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
112
date
Fri, 28 Jan 2022 15:29:36 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 15:29:36 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f9e45c8cba2e581556c1133916039468f571be9a238b354ed912164e44009834
content-length
166
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-length
0
vary
Origin, Access-Control-Request-Headers
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type
access-control-max-age
3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4b41de5d085c2c-FRA
c
prebid.a-mo.net/a/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:37 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
296
vary
origin, Accept-Encoding
ROS
ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/25987/1/thetruedefender.com/ROS?rnd=0.08249135331974289&e=300x250_0%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_1%3A300x250%2C336x280%2C320x100%2C320x50%2B...
  • https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.08249135331974289&e=300x250_0%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_1%3A300x250%2C336x280%2C320x100%2...
153 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.08249135331974289&e=300x250_0%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_1%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_2%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_3%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_4%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_5%3A300x250%2C336x280%2C320x100%2C320x50&ur=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d5a6954f446213b7bdd1e136c742c00bfd95519fd6fdfbc53ca0ba17e8eddef6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://thetruedefender.com
expires
Fri, 28 Jan 2022 15:29:37 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
153
x-sid
AMS-605

Redirect headers

date
Fri, 28 Jan 2022 15:29:37 GMT
server
openresty
access-control-allow-origin
https://thetruedefender.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.08249135331974289&e=300x250_0%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_1%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_2%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_3%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_4%3A300x250%2C336x280%2C320x100%2C320x50%2B300x250_5%3A300x250%2C336x280%2C320x100%2C320x50&ur=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-605
openrtb
ex.ingage.tech/v1/ 		2 KB
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d383a610f1e010b5be032d8b11ce1ba9ccb749ed15a8d347d93c1ba65602b409

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6d4b41df6c07911f-FRA
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=11e1ba2b-7787-4797-8f88-9b22cdc75145&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=74b6978a-9964-488a-92bd-aa4c6a5ed253&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=11e1ba2b-7787-4797-8f88-9b22cdc75145&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=74b6978a-9964-488a-92bd-aa4c6a5ed253&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=11e1ba2b-7787-4797-8f88-9b22cdc75145&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=74b6978a-9964-488a-92bd-aa4c6a5ed253&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=11e1ba2b-7787-4797-8f88-9b22cdc75145&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=74b6978a-9964-488a-92bd-aa4c6a5ed253&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=11e1ba2b-7787-4797-8f88-9b22cdc75145&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=74b6978a-9964-488a-92bd-aa4c6a5ed253&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=11e1ba2b-7787-4797-8f88-9b22cdc75145&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=74b6978a-9964-488a-92bd-aa4c6a5ed253&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		65 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
037e5f9841488d1905f7ec4c18c9b2a93f0d1f3ffba7997fe9c882df77d2cae8

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
038e0bfbcb0a59fb7cfd2db67302ff66331bd04fbf48eda0a8e18f933af086f7

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0cfbfc0d9fe0600d647a64851e8e265956520dd6df3fae27e17566784ff1e5e4

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9e48d3159e8d38ec9776c6903724d76f1f3672895b221877c6a64fadd8eb779a

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c515b5fdc20c956475a0935c7928cec89341303c97c9f3a09c7ed6c5f5c4f420

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d8501bc0d369949c01cd9320b8e4988fb7425ffb1a75a4c7648477f2eb53d13a

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		19 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:37 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3d241a0e-a8e2-4cc3-94a8-c74f37efc11f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
bedd10f103953e50d361e75843eaa308a4df7c7f4ca11880755fa803d9f521e1

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thetruedefender.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
mvo
tag.1rx.io/rmp/213651/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Fri, 28 Jan 2022 15:29:37 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
trinity.json
apex.go.sonobi.com/ 		200 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2265c72196dcdcce4%22%3A%22925297bfa73ea1d1480f%7C336x280%2C300x250%2C320x100%2C320x50%22%2C%2266955d6a1a25887%22%3A%22e39607ea179adf617233%7C336x280%2C300x250%2C320x100%2C320x50%22%2C%226729316cf69b725%22%3A%22925297bfa73ea1d1480f%7C336x280%2C300x250%2C320x100%2C320x50%22%2C%22688aa0fc6d99497%22%3A%22e39607ea179adf617233%7C336x280%2C300x250%2C320x100%2C320x50%22%2C%22693fb69f384ebc9%22%3A%2290b4426760cc80fe2373%7C336x280%2C300x250%2C320x100%2C320x50%22%2C%2270f0f7248bc23ab%22%3A%2205164074ab766f531967%7C336x280%2C300x250%2C320x100%2C320x50%22%7D&ref=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&s=b941699e-d832-4cbc-82cb-fb3018565137&pv=0c8d43ff-b37f-4622-8717-3bfb7c277e6d&vp=desktop&lib_name=prebid&lib_v=4.43.4&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%229ccc38e7-6410-49a8-8d63-8c284952d1a9%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%2211e1ba2b-7787-4797-8f88-9b22cdc75145%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2211e1ba2b-7787-4797-8f88-9b22cdc75145%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
2796cb81db5dfe7e8e5419d648847c3eea543a3ea4629cc4291c20372ff3f854
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
165
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
hb.emxdgt.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1643383776965&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
search
public-api.wordpress.com/rest/v1.3/sites/189343063/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/rest/v1.3/sites/189343063/search?aggregations%5Btaxonomy_0%5D%5Bterms%5D%5Bfield%5D=category.slug_slash_name&aggregations%5Btaxonomy_0%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bfield%5D=tag.slug_slash_name&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Bdate_histogram_2%5D%5Bdate_histogram%5D%5Bfield%5D=date&aggregations%5Bdate_histogram_2%5D%5Bdate_histogram%5D%5Binterval%5D=year&fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=has.image&fields%5B6%5D=shortcode_types&fields%5B7%5D=image.url.raw&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.885bc75706af563a7288.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
01657a9b73f39a991be89803d04c0d1c066a76d3c0ee9c82dc51a837d93693c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-hacker
Oh, Awesome: Opossum
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
false
x-ac
1.hhn _dfw
strict-transport-security
max-age=15552000
host-header
WordPress.com
expires
Wed, 11 Jan 1984 05:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pZBzEXxUR0Y3L3pZU3M0a3IwZDhyRVRQdnhBSVpYaTQ1ZUlQRVR2L3RjOGVSNWQxN2MzcU81amhsai8zd0xYMnJ5bUt2RzNrQzJic05oYW84Y1ZEK0N5TXVGK0dOSG14Uk9zN3B0b0EvZkxqK3lnZHlRQXFnbm1BSG5PWDJJaHE2M2VvNDZocFljSXJEMnJDQWdua29jalVNbFpWblNKM2JwRUlNWTA0VWhEdTNtWGhXL1dhQ211QjB4V1JYMkRYQldTTnhXM0NjbWZpRTNpemdzazVWRVhmL0NuS3F2djRwbWxhUGVzQnZZUU1HZEFnK21VSTN0WVA3V0c3Um1nSjNUL2FNfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1148
date
Fri, 28 Jan 2022 15:29:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
horizon_tweet.a9be59cd0dc47809105c7ef3e843df0a.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.a9be59cd0dc47809105c7ef3e843df0a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
c145456f029f577a7dc1e9e95c779a3eeb22cdd8b31aac30f350beb35284b74d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
2518
x-tw-cdn
VZ
Last-Modified
Wed, 19 Jan 2022 19:04:20 GMT
Server
ECS (frb/67AA)
Etag
"b490f0d219274b9c8d6c0e5df13ac28a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Tweet.html
platform.twitter.com/embed/ Frame F106 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
5707d638c113e28223ec358a3b0728fd07301a558b2715c5bcacdf30c1c8b48d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1054
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jan 2022 15:29:37 GMT
Etag
"d138a83d1fbe0467999df1165f973d65"
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668C)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
lightbox.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ Frame C6C8 		326 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1643383777123&lv=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c799c739ee0a2e2cceb8dcccd08ee83877d075c990d2e27e28ed332887396dea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Jan 2022 14:44:10 GMT
server
cloudflare
age
2727
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
6d4b41df290f699f-FRA
cf-bgj
minify
embed.runtime.4991aa8b1b18f4b0fa83.js
platform.twitter.com/embed/ Frame F106 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
308dbcf444d926685b9884dac13aeca7818912ff2b8f0a92f6a812822765244d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
4460
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:36 GMT
Server
ECS (frb/67D3)
Etag
"ccf0fd5168b4d99f3adcce693b3e3131+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.c690f634f8916333bc3b.js
platform.twitter.com/embed/ Frame F106 		520 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.c690f634f8916333bc3b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
f18d31f8608c7b3b841fa0e80c2672852a129de6e143fd7a3e10c13c62768cf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
169232
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/6752)
Etag
"481672f064152d2271409ec06b699d7c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.4c54a3eef834fdf23314.js
platform.twitter.com/embed/ Frame F106 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.4c54a3eef834fdf23314.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
84b3d6488519c50fdb37ada97d2a0f82fdd40f0971d3509b1853e4ccd9e1e259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
794
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:36 GMT
Server
ECS (frb/6731)
Etag
"98dc292b2a5472c3ea96c76a96039182+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.eab05ae4eb8b3fb0984d.js
platform.twitter.com/embed/ Frame F106 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.eab05ae4eb8b3fb0984d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
f1eb5d019483f7e268e91b4b0c0542bc9f57c2f9bb905db1b9fcbd53be7d739f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
5376
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:36 GMT
Server
ECS (frb/67D5)
Etag
"b3753873275214ea3b05663870e108d3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
user.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ Frame C6C8 		661 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637788009659710216
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1643383777123&lv=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df0425a4380db28a41c5f8693008a1024f8ecba1d313f4719ada41a697f78fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
h5d11E7Ryq0bm5aSyP3hDg==
age
178341
cf-polished
origSize=1122334
last-modified
Mon, 17 Jan 2022 15:14:18 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
0ca638a3-401e-0068-6cbc-124661000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
6d4b41df59a7699f-FRA
expires
Sat, 28 Jan 2023 15:29:37 GMT
embed.vendors~ondemand.en-js.b669f4ba88791a25c05f.js
platform.twitter.com/embed/ Frame F106 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.b669f4ba88791a25c05f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
a9c2e9035ac72edf0f88f673b88f348d0708974ce3eef28dbe8b2ef7a6f53bb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12556
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:36 GMT
Server
ECS (frb/67BE)
Etag
"f05ff0d4c50335edf0882681b142d31b+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.6c38fbc309c428f67c84.js
platform.twitter.com/embed/ Frame F106 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.6c38fbc309c428f67c84.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
bd43496b79bba1754c6b9438e74fd1a181dd09d82a68af1e67759aa021377ff5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length
1777
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:36 GMT
Server
ECS (frb/67D5)
Etag
"610d6e886d276366f1a63c77bf578849+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.d20518a954ac994630be.js
platform.twitter.com/embed/ Frame F106 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.d20518a954ac994630be.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
677a1167be22cd72880eeca998e56e35417e6a12dbc2925da6f33b209d0bf77d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length
1777
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:36 GMT
Server
ECS (frb/6739)
Etag
"ccc64d2b52b93bb588c56cfc91893cdf+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637780292583815575
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637788009659710216
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
286413
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
861bfc02-901e-002e-72c1-1198f7000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
6d4b41e02b7d699f-FRA
expires
Sat, 28 Jan 2023 15:29:37 GMT
z
lightboxapi.azurewebsites.net/z9gd/43726/thetruedefender.com/jsonp/ 		453 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/43726/thetruedefender.com/jsonp/z?cb=1643383777309&callback=jQuery17105708502037898262_1643383777295&_=1643383777310
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637788009659710216
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e68768aae27ceca7545c18cfc00a6ed91bb4c4e9571f2a1d443fb8073a42ca13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1643383777301&h=thetruedefender.com&e=p&u=43726
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 28 Jan 2022 15:29:37 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
2207346
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
af63abe9-a01e-0081-2a45-a8f796000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d4b41e03ba9699f-FRA
cf-bgj
imgq:85,h2pri
dc.js
stats.g.doubleclick.net/ Frame E242 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14731549484471654?pubid=ld-2653-3530&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3324
date
Fri, 28 Jan 2022 14:34:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 28 Jan 2022 16:34:13 GMT
dc.js
stats.g.doubleclick.net/ Frame 51E8 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3324
date
Fri, 28 Jan 2022 14:34:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 28 Jan 2022 16:34:13 GMT
dc.js
stats.g.doubleclick.net/ Frame FA45 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-183-4563&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3324
date
Fri, 28 Jan 2022 14:34:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 28 Jan 2022 16:34:13 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.ae64b98b00cc19447497.js
platform.twitter.com/embed/ Frame F106 		456 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.ae64b98b00cc19447497.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
d8fbf31541c3099bd574dcaeb85ead7f79f6fcb362ce6be2c83d3545afeea6c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55397
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
117746
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/668D)
Etag
"647e14f778a34db3b3476dae1e207374+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.Tweet.09964d0f32a1bcb7a4d9.js
platform.twitter.com/embed/ Frame F106 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.09964d0f32a1bcb7a4d9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
70695a3e0983b65ad28774ef984c9705ebd638685a57fd2b8e55878549da657c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
10492
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/6762)
Etag
"ef8b1970b7784451be9108ed1cd4cc19+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.eafe09b557bb10b4e079.js
platform.twitter.com/embed/ Frame F106 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.eafe09b557bb10b4e079.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
fda5df47ce854e84a113fbde5271b6783a95300b42520c8ec797c6afddfdfc8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
15893
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/6763)
Etag
"f3de08ec03684573f2215393f6a01636+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
dc.js
stats.g.doubleclick.net/ Frame 5598 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3324
date
Fri, 28 Jan 2022 14:34:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 28 Jan 2022 16:34:13 GMT
Capture-308.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-308.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
22448c11de6d605a9fa82f5dbe715a8f0af2f564c73991508ef36f46b42cd4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Dec 2021 16:39:58 GMT
server
nginx
etag
"b60e6aa921b26fc1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-308.png>; rel="canonical"
content-length
159726
expires
Sun, 31 Dec 2023 04:39:58 GMT
Capture-201.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		242 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-201.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
31d48ca7779881e669af8d6f4801888f6b8dcf5288aac7841592daab103c82df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 31 Dec 2021 09:26:52 GMT
server
nginx
etag
"9cc7e45f082d0da5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-201.png>; rel="canonical"
content-length
247596
expires
Sun, 31 Dec 2023 21:26:52 GMT
Capture-167.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		309 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-167.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
822806dddfbfc7cb730fad30f900b7cc51260862ae7a1fb0983a3f490c531e0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 31 Dec 2021 09:27:33 GMT
server
nginx
etag
"ea0588dc06311cd6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-167.png>; rel="canonical"
content-length
316172
expires
Sun, 31 Dec 2023 21:27:33 GMT
Capture-299.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-299.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a946480e563b4957a28f87b3255f394285a51de6b6a94616262a25b163ba3651
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Dec 2021 21:39:29 GMT
server
nginx
etag
"3b8ef26cb9aefc89"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-299.png>; rel="canonical"
content-length
261590
expires
Fri, 29 Dec 2023 09:39:29 GMT
Capture-125.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-125.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b2539f6f9db483523855e6d68398dae5941fd59c5996bf93043abdc91b320d25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Dec 2021 05:12:18 GMT
server
nginx
etag
"193ef5f7d0850fa5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-125.png>; rel="canonical"
content-length
213448
expires
Mon, 18 Dec 2023 17:12:18 GMT
lnn-45.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/12/lnn-45.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4aca4d3149a1233c13f275382b65adf32cef5a228098dbb01d2d5cd601b9dd1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Jan 2022 11:33:34 GMT
server
nginx
etag
"c14b81b91fb3b03c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/lnn-45.png>; rel="canonical"
content-length
217202
expires
Fri, 05 Jan 2024 23:33:34 GMT
Capture-128.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-128.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
36924f7449ae9cf1935fdba5aa63868a40888c8a1d92157d1fa64cdf005df47c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 17:29:50 GMT
server
nginx
etag
"34704afda6dbd068"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-128.png>; rel="canonical"
content-length
262310
expires
Sat, 16 Dec 2023 05:29:50 GMT
tweet
cdn.syndication.twimg.com/ Frame F106 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1486386394784223237&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.c690f634f8916333bc3b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
3f6da9c70b75e5a8bfbe610a00668f6409c7b54fba87c4ce7d072e7db04c18fd
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"5a6-WV3QbeAvRJ7JYcAJZNb6tQOuLBs"
x-powered-by
Express
access-control-allow-methods
GET
server-timing
"x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=151
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
136
server
tsa_f
x-frame-options
SAMEORIGIN
date
Fri, 28 Jan 2022 15:29:37 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ", VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
aba885bd802d3a9fb3f562d39d255615dd6b334d5f9192cfe038721c47cec810
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
/
c.mgid.com/pv/ 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=164338377746870594669&uniqId=0fa68&childs=1260300&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&lu=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=61f40be1-00a61&pageView=1&pvid=17ea14e68bcb596a0fa&site=674711&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4b41e149719142-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
HIT
age
5778
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
563Q182XKKBGBPYA
x-amz-id-2
bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d4b41e169e19142-FRA
expires
Sat, 29 Jan 2022 15:29:37 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
HIT
age
5776
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d4b41e169df9142-FRA
expires
Sat, 29 Jan 2022 15:29:37 GMT
1
servicer.mgid.com/1229463/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229463/1?pv=5&cbuster=1643383777555730051250&uniqId=0fa68&childs=1260300&niet=4g&nisd=false&jsv=es6&w=720&h=2926&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&lu=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=61f40be1-00a61&pageView=1&pvid=17ea14e68bcb596a0fa&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5d085f050e90594fc9b68dc9d42e7f3027a00226375051ece2d147af161931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4b41e1db4e9142-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1229983/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229983/1?w=307&h=1319&p3_w=304&p3_h=238&maxw_3=304&maxh_3=238&cols=1&pv=5&cbuster=1643383777556821531106&uniqId=0fa93&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&lu=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=61f40be1-00a61&pageView=0&pvid=17ea14e68bcb596a0fa&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd25aad2af9ced8ce9fd771409945a27963a7519016f30679300b4bcede59e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4b41e1db509142-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1229464/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229464/1?w=720&h=311&cols=2&pv=5&cbuster=1643383777560551203170&uniqId=152c0&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&lu=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=61f40be1-00a61&pageView=0&pvid=17ea14e68bcb596a0fa&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35581a9416646b699df1f06352c22577ecc0bb54d95761390c2657b1869ececc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4b41e1db499142-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.b4d8783cf979de6f9652.js
platform.twitter.com/embed/ Frame F106 		145 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.b4d8783cf979de6f9652.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
478072a2ee372aadee16c38a9cf400be2abbdb6b7909687d57145b5c71ff860d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55396
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
Content-Length
37557
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/67A7)
Etag
"ba01e20b0cef919dfa9f6dc871b8c521+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.TweetVideo.87a7bd13e48f157eb410.js
platform.twitter.com/embed/ Frame F106 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.87a7bd13e48f157eb410.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
07b2a5952f2c02d8fb6debf250494c3e849a3ffad851c8d5f6a37e3746e640a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55396
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
13279
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/6739)
Etag
"a336079ea28ab8633fd284ac031921e2+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TweetVideo.1af49c487bd6152b4099.js
platform.twitter.com/embed/ Frame F106 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.1af49c487bd6152b4099.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
16fc151f4a7be3c0d2f3f34cfff7122ac2263d53c2002fc5b593826b56febc25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55397
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1825
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:36 GMT
Server
ECS (frb/6795)
Etag
"a1e64bda3aef346058bacdd2259bdda1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
jot
syndication.twitter.com/i/ Frame F106 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1643383777653%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2275b3351%3A1642573356397%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22f0deac1%3A1643324365050%22%2C%22item_ids%22%3A%5B%221486386394784223237%22%5D%2C%22item_details%22%3A%7B%221486386394784223237%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Fri, 28 Jan 2022 15:29:37 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f9e45c8cba2e581556c1133916039468f571be9a238b354ed912164e44009834
x-transaction
84848cc441b42496
expires
Tue, 31 Mar 1981 05:00:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2YwZjcwNTJlNWM4MzMzNDZjY2QxYTc3Nzg2ZDYxN2E3LmpwZWc.webp
s-img.mgid.com/g/4147868/492x277/108x0x768x512/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4147868/492x277/108x0x768x512/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2YwZjcwNTJlNWM4MzMzNDZjY2QxYTc3Nzg2ZDYxN2E3LmpwZWc.webp?v=1643383777-uzmSC__QbveRzYwoGk6CIhQVmgzLmSQeBtI_6JzHI2w
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b01489181e7254d3b4d0885952d0d186f114c3bf69357b14db40851f7f52be

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:45 GMT
x-mg-request-uuid
c8fedce4-960a-41a7-9330-8abf2e181b95
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e2ffcf8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15340
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2Y0MWM5M2NmZDY3NDczZmI3NjVhODJiMzVmYzk4NTY3LmpwZWc_dD0xNTEyNjg0NTE0MTAz.webp
s-img.mgid.com/g/3805630/492x277/0x0x575x383/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805630/492x277/0x0x575x383/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2Y0MWM5M2NmZDY3NDczZmI3NjVhODJiMzVmYzk4NTY3LmpwZWc_dD0xNTEyNjg0NTE0MTAz.webp?v=1643383777-6H4XkuCJH6eDbIF8mpF0s6BXRRsoBGGvovbMPzDHMmw
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86abf8aceab9708122d9ec56f1bb32199d2b7af7a567787e875cdb56e3e6a6d4

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:53 GMT
x-mg-request-uuid
bd9ae0dd-79d6-418a-b9ae-ffe63a98fd20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e2ffd48ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9962
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2U1YTBhNjczOTQzYWNlYTA3OTU3OWEyZGI1ZDlmOGY4LmpwZWc.webp
s-img.mgid.com/g/3931460/492x277/9x9x492x328/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3931460/492x277/9x9x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2U1YTBhNjczOTQzYWNlYTA3OTU3OWEyZGI1ZDlmOGY4LmpwZWc.webp?v=1643383777-jHOqhJS0mZqy66xpuKL1YVEh0g7bTBBvhCCEno3PrwU
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3427b69a7a53aaaa1b70f0bfd45fd171c0b73d5cdaa8200696bf5d1d1b3a9626

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:30 GMT
x-mg-request-uuid
21c4ab0a-434d-440e-8b63-232a5e7cb88a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e2efc98ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8022
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBhZTA3NTNmNDk2MTc4OTFlNWQ0YTU4OTU5ZWFjMDI3LmpwZWc.webp
s-img.mgid.com/g/3885446/492x277/114x0x846x564/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3885446/492x277/114x0x846x564/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBhZTA3NTNmNDk2MTc4OTFlNWQ0YTU4OTU5ZWFjMDI3LmpwZWc.webp?v=1643383777-H_qX25QPtQN94OPzexYrjHnK2OSMW2CGegYML7UqOho
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4c43b9c88f5faab598e24d7573dc3b735e6084f8e605470e349b3f50f8bad3

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:27 GMT
x-mg-request-uuid
33c1cab1-0c15-4fd8-be67-61193b2e7fee
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e2ffd68ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9574
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDIzZGEyYTVmMjViNzZjM...
s-img.mgid.com/g/12068023/492x277/-/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12068023/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDIzZGEyYTVmMjViNzZjMzdjODdkZGViZmEzMWUyZGEuanBlZw.webp?v=1643383777-8dUcacYZZWe0Mkm8RbmZPzZS44qLrXD1ZCO6FwUPY5A
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2e5699107fa0b132e8d4687ad1e49fe379cae31e755dcab3699ada9784efab

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 14:13:02 GMT
x-mg-request-uuid
d9da163c-c53d-473b-8440-879d6e04abaa
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e2ffda8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13602
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzIyMzc0YjJkOTdjMzY0N2ZjYTRkNDNmYThmZGM2M2Q1LmpwZz90PTE0OTgxNjE5ODIxNDM.webp
s-img.mgid.com/g/3805608/492x277/0x0x900x600/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805608/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzIyMzc0YjJkOTdjMzY0N2ZjYTRkNDNmYThmZGM2M2Q1LmpwZz90PTE0OTgxNjE5ODIxNDM.webp?v=1643383777-stznl0uTBww4zZEwtXasr2nPY53apbNR2vmbxuaXtRw
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426d6e20ec0817e2d1c0abcef3253772bbe48029c650bfa12c2ef893f7d055e4

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:06 GMT
x-mg-request-uuid
c42c29dd-8236-421e-aa98-74601324c69c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e2ffdc8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15630
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvY2EyMjk4ODYyYjYyOTNjM...
s-img.mgid.com/g/10881009/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881009/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvY2EyMjk4ODYyYjYyOTNjMWRkYjU2ZTZiYWExMTY3MTEuanBlZw.webp?v=1643383777-OG4Wwp1Ceyz9juWCoFbg_yvdYCTfLpN2kI0vdpXbb2w
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feaa1eef5e364b26b1989fb6160957c5540d127ad1a28bb904e9b844a82885c8

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:18 GMT
x-mg-request-uuid
e629d232-f334-42c5-bf1c-2e190aeea77b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3893c8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13990
server
cloudflare
FgT6kdne_normal.jpg
pbs.twimg.com/profile_images/1171596431997755392/ Frame F106 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1171596431997755392/FgT6kdne_normal.jpg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
27bfde2b2355e6bb1f23a72077664fb6ad10ade6672d7d22f088a40b0647dd16
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
age
327438
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length
2263
x-response-time
116
surrogate-key
profile_images profile_images/bucket/6 profile_images/1171596431997755392
last-modified
Wed, 11 Sep 2019 01:26:51 GMT
server
ECS (frb/668D)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
6592c5d09f87f4905ff68093050654593ab271caf9e707cf2407ec26c7ec8e0a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
event
event.insticator.com/v1/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:37 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
3a837873b3c174524e190a4c9a9bf52379cac4d2822bb5e524c60df2d9d15abd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27136
x-xss-protection
0
server
sffe
etag
"1115 / 264 of 1000 / last-modified: 1643371812"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 28 Jan 2022 15:29:37 GMT
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.11.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-11-204.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
backfillad
dashboard.insticator.com/embeds/ Frame 4791 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 56F2 		1 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ba49e63a1d2bb341e32ece3dd7a19990dc507078f3099227c7723e3165c4d14d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-type
text/html; charset=utf-8
content-length
705
server
nginx/1.18.0
cache-control
public, max-age=10800
content-encoding
gzip
vary
Accept-Encoding
x-cache-status
HIT
x-cache-key
http GET dashboard.insticator.com /embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
backfillad
dashboard.insticator.com/embeds/ Frame 5730 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame F4F1 		1 KB
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6f3d43ba1fa9260111e1537962c6899697e6bff8075bc76ea390d19acba904dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-type
text/html; charset=utf-8
content-length
704
server
nginx/1.18.0
cache-control
public, max-age=10800
content-encoding
gzip
vary
Accept-Encoding
x-cache-status
HIT
x-cache-key
http GET dashboard.insticator.com /embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
backfillad
dashboard.insticator.com/embeds/ Frame A2B4 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame B11B 		1 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ba49e63a1d2bb341e32ece3dd7a19990dc507078f3099227c7723e3165c4d14d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-type
text/html; charset=utf-8
content-length
705
server
nginx/1.18.0
cache-control
public, max-age=10800
content-encoding
gzip
vary
Accept-Encoding
x-cache-status
HIT
x-cache-key
http GET dashboard.insticator.com /embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
backfillad
dashboard.insticator.com/embeds/ Frame C7CA 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame C7B5 		1 KB
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6f3d43ba1fa9260111e1537962c6899697e6bff8075bc76ea390d19acba904dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-type
text/html; charset=utf-8
content-length
704
server
nginx/1.18.0
cache-control
public, max-age=10800
content-encoding
gzip
vary
Accept-Encoding
x-cache-status
HIT
x-cache-key
http GET dashboard.insticator.com /embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
backfillad
dashboard.insticator.com/embeds/ Frame 7179 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame DBCF 		1 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ba49e63a1d2bb341e32ece3dd7a19990dc507078f3099227c7723e3165c4d14d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-type
text/html; charset=utf-8
content-length
705
server
nginx/1.18.0
cache-control
public, max-age=10800
content-encoding
gzip
vary
Accept-Encoding
x-cache-status
HIT
x-cache-key
http GET dashboard.insticator.com /embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
backfillad
dashboard.insticator.com/embeds/ Frame D9EE 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 6D75 		1 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ba49e63a1d2bb341e32ece3dd7a19990dc507078f3099227c7723e3165c4d14d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-type
text/html; charset=utf-8
content-length
705
server
nginx/1.18.0
cache-control
public, max-age=10800
content-encoding
gzip
vary
Accept-Encoding
x-cache-status
HIT
x-cache-key
http GET dashboard.insticator.com /embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
embed.vendors~loaders.video.VideoPlayerDefaultUI.847c33c4256950c5e170.js
platform.twitter.com/embed/ Frame F106 		146 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.847c33c4256950c5e170.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
2f13d9703703cdf9f6332b5799247473ee00d4811262873d2be07704c32b9df2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55399
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
36345
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/6776)
Etag
"d2ce5356aaea01cd16394f9229ded219+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
platform.twitter.com/embed/ Frame F106 		252 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.4991aa8b1b18f4b0fa83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
a502b8c6ca98e6a37c9f5888bb0ea36d3424d09f2f7c78a5d41da31fbb4f120b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1486386394784223237&lang=en&origin=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&sessionId=5ee78db7a8e1cdd62dec878e8c790fba094c171d&theme=light&widgetsVersion=75b3351%3A1642573356397&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Age
55398
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
75323
x-tw-cdn
VZ
Last-Modified
Fri, 28 Jan 2022 00:03:37 GMT
Server
ECS (frb/674C)
Etag
"6b7de568f6c0a803a6a4872b5a959b31+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
vvLhCV27b6UhlxrE.jpg
pbs.twimg.com/ext_tw_video_thumb/1486386254707146760/pu/img/ Frame F106 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1486386254707146760/pu/img/vvLhCV27b6UhlxrE.jpg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
e5605b2b34cfd77cc5c5d2672ac1cac148ff02260b0fdf8a4ea9ca775f7bf250
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
age
166670
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
50321
x-response-time
298
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/3 ext_tw_video_thumb/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECS (frb/6731)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7d9d8daa14358c1abb8e167c0d27ee2798d41ecf6799221ead27ee011d89d343
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 08:57:47 GMT
server
nginx
etag
"a089-5d613d01797c6-gzip"
vary
Accept-Encoding
x-cached-since
2022-01-21T09:04:54+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6903
expires
Sat, 21 Jan 2023 09:04:54 GMT
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064551
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 14:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Jan 2023 14:46:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		287 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5d9880e11f1146f12d4ac5114b1a4aca4c9244275560557addd1126aae5fe074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142
x-xss-protection
0
expires
Fri, 28 Jan 2022 15:29:37 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x277/0x26x798x532/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193526/492x277/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1643383777-XbOFHshAH-BIjSnZpghur3dIY05T0va8EZWIJt_o8cQ
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22dc09e053641dbee00b20cf2894802b3a119e99d568ff099e7c6b413a85ba38

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:57 GMT
x-mg-request-uuid
cfafc9d5-1be0-406c-894d-d5fd8595649f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3c9bd8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15828
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWZlYWY1YjVjYjBhYzQyY...
s-img.mgid.com/g/11533304/492x277/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533304/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWZlYWY1YjVjYjBhYzQyYjZhMmI5NGZhNDc3MzFhZTcuanBlZw.webp?v=1643383777-jtD08sIzh0cteU_lSNmO0etSgBjELuNlwfMqL-VieOk
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962ad038354035ffa7514c00b09391bb845c71748414018801d8b0710e5a13a7

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:04 GMT
x-mg-request-uuid
09dcb2fb-846f-4bfa-b078-ccb73598ce97
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3c9c08ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17780
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDI3ZmZlMjI2Y2JjNjAzZ...
s-img.mgid.com/g/11533322/492x277/-/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533322/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDI3ZmZlMjI2Y2JjNjAzZTYzMmJiZTI2OTExZTYwZDYuanBlZw.webp?v=1643383777-6j5ar7yNErXy-auCmI-Be-PbMx5pjBuFBcAZQ_wNGY0
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2398c89ce7ee4d52d77f51630691eb907e058826b460618187ba964b66158e5c

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:26 GMT
x-mg-request-uuid
7e003a5e-3d27-4948-8698-4b8fbaae1f76
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3c9d68ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15748
server
cloudflare
aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTA2LTA0L2Y5YjdkM2E2ZjdhMDkwNzk2YTI1YTFkZTAwNDc1ZDc1LmpwZw.jpg
s-img.mgid.com/l/-/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL3ZpZGVvLW5hdGl2ZS5tZ2lkLmNvbS92cmltYWdlcy91cy8yMDIwLTA2LTA0L2Y5YjdkM2E2ZjdhMDkwNzk2YTI1YTFkZTAwNDc1ZDc1LmpwZw.jpg?v=1643383777-KQC5ZVnlF4Cd9aV4yNrGqg3ktFHQ0pqcZ8QwdPXnk3w
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49cfd9b52fd2fdf42d94fad0e335d7da0f78413ce69efb6ae1a38fcee5ec45a

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 16:00:29 GMT
x-mg-request-uuid
5a0b7f02-e921-4f5d-b821-6dc37e4e63f6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3c9da8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11857
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc2LHlfNTM2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC85YzZhM...
s-img.mgid.com/g/11533310/492x277/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533310/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc2LHlfNTM2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC85YzZhMTgzNTI1MDVkMjYzODBjMDdmODFkZTI0NmRiNS5qcGVn.webp?v=1643383777-ERTokqeN5Dy0ShuYjwiDYZtVQvVZdwPMCTXFH2JpK90
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
551a970dcd88f5f3fb322111523dbd53debd6b59597f3dcfaa58f06b4a14b90f

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:13 GMT
x-mg-request-uuid
83780831-d4a5-4a4b-a0ea-a36942bece5a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3c9de8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28230
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyN...
s-img.mgid.com/g/11739834/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739834/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyNDBhYjIyODE3OTJlNThmZDQuanBlZw.webp?v=1643383777-jZZ8wtMhmLgSQlQM4y9ncxntEF8_EE2A235zjtfoCeA
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:46:41 GMT
x-mg-request-uuid
b08eac87-f8ff-4e98-a68e-393a9bda8f95
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3c9e58ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZWM3MThlNWQ5N2FjNTU1Z...
s-img.mgid.com/g/11533298/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533298/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZWM3MThlNWQ5N2FjNTU1ZjQ0ZDNiNGE2ZjY3MTdjNmMuanBn.webp?v=1643383777--j-UY20SlUUgPW1wR_8PwCcMYEsLcGVC36DDf9SudZU
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f11ad1c6d42e23c2c3293d3c0435b19e924cadf8f6c13f638fd4c4c8d806b93

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:25:43 GMT
x-mg-request-uuid
87d09897-8d1a-47de-abbd-e7cf69580315
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3c9e98ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2IzYmUzZDhkOWJlNWM4NjVjMGRkMzQzNTg2ZTA4YzlmLmpwZWc_dD0xNTEyNjgyNzgyMjIy.webp
s-img.mgid.com/g/3805619/492x277/0x0x900x600/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805619/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMDcvMTAxOTI0L2IzYmUzZDhkOWJlNWM4NjVjMGRkMzQzNTg2ZTA4YzlmLmpwZWc_dD0xNTEyNjgyNzgyMjIy.webp?v=1643383777-Az64Lf6zYSI3tmVSxAjSgLSlb8yDWt4SDY_LqG2V3Gg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8d1e652bf7c392a03eafaf70608139dcb4b37dc216e0ab9d3edc4b20cda016

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:02 GMT
x-mg-request-uuid
f8d3d0fd-67b2-4873-91ab-63196f7a1709
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3d9ec8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10780
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTYzOTY0NGQ0ZWQ1ZmQzM...
s-img.mgid.com/g/11533314/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533314/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTYzOTY0NGQ0ZWQ1ZmQzMGU0M2Q5M2Y2NzdlNDBhMzUuanBlZw.webp?v=1643383777-AAdww59Cq2qbCRE0uC02Em6XWjb8RACYbUb2FmgzwDI
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02302fbd7f869939eeeaadc95a84549885ff57f68c67c1517a6ff05fe7cd5ce

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:03 GMT
x-mg-request-uuid
92c740bf-fdb0-4a9a-887e-ade76121442b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3d9ee8ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13950
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzMzOTkzNTAxOWQ1MTdkZjVlMDQ5MDRkYTE2NTZkYWE1LmpwZWc.webp
s-img.mgid.com/g/4147870/492x277/80x4x629x419/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4147870/492x277/80x4x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzMzOTkzNTAxOWQ1MTdkZjVlMDQ5MDRkYTE2NTZkYWE1LmpwZWc.webp?v=1643383777-P7toRkgPLtYkGUEY-dQ9ioEJNCLVPTR9L1sJXeyog5c
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19e8fea1a7b7f8061ff8e32de4190ce124f06da1fd14a87df0043089b1233a7

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:47:09 GMT
x-mg-request-uuid
e555d1e0-2a02-40d5-b20e-7e59626dd507
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3d9f18ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10148
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp
s-img.mgid.com/g/8193534/492x277/0x124x788x525/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193534/492x277/0x124x788x525/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp?v=1643383777-azduYS0NRl4WZnhEqcHHzAuiS4ARr9fh19OXlAwtztM
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5ea15becf5b0063dbf7115a802701a0b96f3d3907608b37732922d235b1420

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:41:02 GMT
x-mg-request-uuid
ea691e9b-072f-400f-86bc-58b4968efa82
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3d9f28ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9302
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Y0MmIzNzRkNTEzZGMzYjY1M2M1ZWU3ZDI1MTY1MGI5LmpwZz90PTE0OTgxNjEyMDg3MTA.webp
s-img.mgid.com/g/3805598/492x277/0x0x878x585/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805598/492x277/0x0x878x585/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Y0MmIzNzRkNTEzZGMzYjY1M2M1ZWU3ZDI1MTY1MGI5LmpwZz90PTE0OTgxNjEyMDg3MTA.webp?v=1643383777-5zvFMEKZ-pngYeaQptsEFV8RjXCkHVXppYQSkbt1kB0
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f594de5c03b965e557e6372080fe22219f5e294dd3fb70b06a173644c967eae

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:17 GMT
x-mg-request-uuid
ffafcdc9-e637-48cc-83e7-f0129d5fba82
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3d9f38ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21164
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N...
s-img.mgid.com/g/12068022/492x277/-/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12068022/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N2NlZmIzYzEzNDlhODkxYjQuanBlZw.webp?v=1643383777-VvrwxP1vmKF-Nsz8tQJpv3u3DuccFJ1tSwp9v2U1Puk
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 14:14:28 GMT
x-mg-request-uuid
f944fde7-4aca-4cba-a1cb-36565bf429e7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3d9f48ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38134
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTgwN2JhZWYxNzgyNzVmM...
s-img.mgid.com/g/11739869/492x277/-/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739869/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTgwN2JhZWYxNzgyNzVmMjEwOWQ2N2QwYmViYjMwNjUuanBn.webp?v=1643383777-hBJXADdplgW1Ja7WpuZOICel8k49720L-adF70sulcI
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f823ef4f6c185d8b947f81f6908f0c8bb8758a96fb5417cc1cdef669fa7f2664

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
bca8ad7a-7d63-4cfc-83dd-45f5c08a9e10
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41e3d9f58ffe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13178
server
cloudflare
i.js
cm.mgid.com/ 		0
136 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1643383777877447032333
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d4b41e3d92c9142-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vvLhCV27b6UhlxrE.jpg
pbs.twimg.com/ext_tw_video_thumb/1486386254707146760/pu/img/ Frame F106 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1486386254707146760/pu/img/vvLhCV27b6UhlxrE.jpg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
e5605b2b34cfd77cc5c5d2672ac1cac148ff02260b0fdf8a4ea9ca775f7bf250
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
x-content-type-options
nosniff
age
166670
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length
50321
x-response-time
298
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/3 ext_tw_video_thumb/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECS (frb/6731)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7d9d8daa14358c1abb8e167c0d27ee2798d41ecf6799221ead27ee011d89d343
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
mgWidget_1.11.78.js
cdn.mgid.com/js/wglibs/ 		374 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.78.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5719f3b0da9be57fe11540c4538089a43fd8e59fa796eccf48f63ce7157f8b9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
br
cf-cache-status
HIT
age
3733
last-modified
Wed, 19 Jan 2022 16:08:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZJVDH0W990YVC54N
x-amz-id-2
/7G+9FowAsJk+myEsJ7syi3tdVsGqUmPx96+JJnOrg3Zzi/o8tFRqJnD4drV3PtP
cf-bgj
minify
server
cloudflare
etag
W/"0cefea1058680d108df7e394f5585dd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6d4b41e4094c5b68-FRA
expires
Sat, 29 Jan 2022 15:29:37 GMT
Uz4ijWFmbih7GEsK.m3u8
video.twimg.com/ext_tw_video/1486386254707146760/pu/pl/ Frame F106 		443 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1486386254707146760/pu/pl/Uz4ijWFmbih7GEsK.m3u8?tag=12&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2D) /
Resource Hash
fe9c44485e4a7195e3fbea041f6550ae1360643c7ba0a64c3be6d59e0263226b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166670
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
259
x-response-time
84
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECAcc (frc/8F2D)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
80d4102926c6f8ebf244c512e3733fd0d3dc0bf4d97274e5dca37f03fcd5c5d0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
c5d26e53d9d3243a25799e2b768bfe1d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 56F2 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 14:35:54 GMT
server
nginx/1.18.0
x-cache-key
http GET dashboard.insticator.com /vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
etag
c5d26e53d9d3243a25799e2b768bfe1d
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11468
353cedeb2c2225270264f3e9ba7233b0-2.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame F4F1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/353cedeb2c2225270264f3e9ba7233b0-2.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 14:35:54 GMT
server
nginx/1.18.0
x-cache-key
http GET dashboard.insticator.com /vassets/images/hotlink-ok/300x250/353cedeb2c2225270264f3e9ba7233b0-2.png
etag
353cedeb2c2225270264f3e9ba7233b0
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
12405
c5d26e53d9d3243a25799e2b768bfe1d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame B11B 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 14:35:54 GMT
server
nginx/1.18.0
x-cache-key
http GET dashboard.insticator.com /vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
etag
c5d26e53d9d3243a25799e2b768bfe1d
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11468
353cedeb2c2225270264f3e9ba7233b0-2.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame C7B5 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/353cedeb2c2225270264f3e9ba7233b0-2.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 14:35:54 GMT
server
nginx/1.18.0
x-cache-key
http GET dashboard.insticator.com /vassets/images/hotlink-ok/300x250/353cedeb2c2225270264f3e9ba7233b0-2.png
etag
353cedeb2c2225270264f3e9ba7233b0
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
12405
mgadt.449143.js
player.adtcdn.com/prebidlink/456495.49388694443/ Frame BAB8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/456495.49388694443/mgadt.449143.js?domain=thetruedefender.com
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e834b5ad20a091f05e1f51cfeacfbb7b1496f6562ec40b07d36f3bdcd1cb77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Aug 2021 13:57:50 GMT
server
cloudflare
etag
W/"61264c5e-805"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Tpr2R1SZga3t2BjOJGLtc0z4XMTTI4DgH6y7PbRxW2w687s%2B%2FkGTcrmfjNH8D88r8fQMj7vTDK3p7MIODX23XL8Bhzxcz0kgs3i9vRi0M3MRuZGlv5BHkO%2BF8myd3VvrV3U%2BcsOzbrQx903b%2B0UKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41e4ed6890f4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 28 Jan 2022 15:44:38 GMT
c5d26e53d9d3243a25799e2b768bfe1d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame DBCF 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 14:35:54 GMT
server
nginx/1.18.0
x-cache-key
http GET dashboard.insticator.com /vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
etag
c5d26e53d9d3243a25799e2b768bfe1d
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11468
i-noref.js
cm.mgid.com/ Frame 3BC1 		0
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1643383778011867413133
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d4b41e4aa9b5b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ Frame 56F2 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6884
date
Fri, 28 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 28 Jan 2022 15:34:54 GMT
analytics.js
www.google-analytics.com/ Frame F4F1 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6884
date
Fri, 28 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 28 Jan 2022 15:34:54 GMT
analytics.js
www.google-analytics.com/ Frame B11B 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6884
date
Fri, 28 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 28 Jan 2022 15:34:54 GMT
analytics.js
www.google-analytics.com/ Frame C7B5 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6884
date
Fri, 28 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 28 Jan 2022 15:34:54 GMT
62wQ4YxYQekaNent.m3u8
video.twimg.com/ext_tw_video/1486386254707146760/pu/pl/320x564/ Frame F106 		2 KB
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1486386254707146760/pu/pl/320x564/62wQ4YxYQekaNent.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1E) /
Resource Hash
22fdf0a65568bccc357d5d8e80fa8dab259d5b0639e37851de52a86c7d6f4099
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166668
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length
504
x-response-time
208
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECAcc (frc/8F1E)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
2a49124ca617d43f7ebef2b0d36d4b89c75a60e1521bd8930275783b855ab2ef
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
analytics.js
www.google-analytics.com/ Frame DBCF 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6884
date
Fri, 28 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 28 Jan 2022 15:34:54 GMT
c5d26e53d9d3243a25799e2b768bfe1d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 6D75 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.184.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-184-171.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 14:35:54 GMT
server
nginx/1.18.0
x-cache-key
http GET dashboard.insticator.com /vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
etag
c5d26e53d9d3243a25799e2b768bfe1d
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11468
jot
syndication.twitter.com/i/ Frame F106 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1643383778085%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2275b3351%3A1642573356397%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22f0deac1%3A1643324365050%22%2C%22item_ids%22%3A%5B%221486386394784223237%22%5D%2C%22item_details%22%3A%7B%221486386394784223237%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A942.8999996185303%7D&dnt=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Fri, 28 Jan 2022 15:29:38 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f9e45c8cba2e581556c1133916039468f571be9a238b354ed912164e44009834
x-transaction
762e3979598203b1
expires
Tue, 31 Mar 1981 05:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 6D75 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6884
date
Fri, 28 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 28 Jan 2022 15:34:54 GMT
JTdzBEx03c8quZkP.mp4
video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/0/0/320x564/ Frame F106 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/0/0/320x564/JTdzBEx03c8quZkP.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F92) /
Resource Hash
6b42722f5d2b2e6ea23088c2a64cd0bf3911138aec45b66cbc30573a51c141b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
x-content-type-options
nosniff
age
166668
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=6
content-length
1131
x-response-time
99
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECAcc (frc/8F92)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
635b2e479e947faf6d15213f9871675a4c54ccbc61799a19e80999962be5cbf2
accept-ranges
bytes
zW1S2vcoFxi-rv6H.m4s
video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/0/3000/320x564/ Frame F106 		101 KB
101 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/0/3000/320x564/zW1S2vcoFxi-rv6H.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FDE) /
Resource Hash
47deeb506a352e55708a5bb1b0def35a9287d3a2c6db11ff6570ee48a83195f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
x-content-type-options
nosniff
age
166667
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
103549
x-response-time
94
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECAcc (frc/8FDE)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ca9f32b711e8c2a7516e25f994d51433f379e2bebff8aab963cabe5078ebe66c
accept-ranges
bytes
449143_thetruedefender.com.js
player.adtcdn.com/prebidlink/456495/ Frame BAB8 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/456495/449143_thetruedefender.com.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456495.49388694443/mgadt.449143.js?domain=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb1d5a79b0aff9e639d8e279ad9eaf9000d9aaa35fbc2580aaa496abbdf03fbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 21 Jan 2022 12:21:45 GMT
server
cloudflare
etag
W/"61eaa559-41f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mZUvgVInXPKpwwuLufIS40VMosnfXLhTWlDfodyHuaXIYOSqPQs2KvC05dDfliJtwtsef5A9I6TMmEKJ%2F3GvqRIHp%2BxH44KtN9bRcmZLPP0Lf3fl4CDTDZiGzearRB8Qr4coziPqKJzzpzPvxBjgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d4b41e6891e8fd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 28 Jan 2022 15:44:38 GMT
423b852b-1cd6-42bd-81f0-833a4582bb9d
player.ex.co/player/ 		744 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38f5195c6a416a6cc9abd237ed7159ba4b742913d96adee705a529902326c966

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
age
8952
x-cache
MISS, HIT
access-control-max-age
600
content-length
221440
x-served-by
cache-iad-kiad7000125-IAD, cache-hhn4030-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1643383778.351569,VS0,VE0
etag
W/"ba197-NflCzxx8qncA0MSOZ8LU39kSiyw"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 2
nT8ArYyQlhCzIVcQ.m4s
video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/3000/6000/320x564/ Frame F106 		119 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/3000/6000/320x564/nT8ArYyQlhCzIVcQ.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7E) /
Resource Hash
6793259f91c9bdfa8fb906811787c04cd02563117968cfa4754fd654c8af197a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
x-content-type-options
nosniff
age
166666
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=5
content-length
121684
x-response-time
96
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECAcc (frc/8F7E)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
87f52b045d1ab017a71c0018bd6473b70dfe296160552c7d163a475c48c4533f
accept-ranges
bytes
moZYf54spNvZFK8-.m4s
video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/6000/9000/320x564/ Frame F106 		134 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/6000/9000/320x564/moZYf54spNvZFK8-.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FBB) /
Resource Hash
c403acb3b2ea1ce34e2414bb18c6b81954679799a85e61fc9a3db83c3053ac92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
x-content-type-options
nosniff
age
166666
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length
136788
x-response-time
92
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECAcc (frc/8FBB)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
da12f59896f0d60298975b4f07dc7b75ceb5fab201fd3ba90333457a770bf5c5
accept-ranges
bytes
events
prd-collector-anon.ex.co/main/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.32.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-32-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:38 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 Jan 2022 14:19:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 28 Jan 2022 15:29:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Jan 2022 15:29:38 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 28 Jan 2022 15:34:38 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame CB6A 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:495::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bb6bd69700e21a8f9bc89da3eb5609dc34ebecaa70165a66771e04fbaa369131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduWQ6Eo_G7H25hmWuLEwXPHh3J4TK52afmyAgKrIMdiqgfuJKltZoGDZLcQSSv_P68SkgTzxId-KkK0h43qUxgs3VasMw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99205
last-modified
Thu, 20 Jan 2022 11:23:37 GMT
server
UploadServer
etag
"c4fd3c1c12f1603b143af9c821681876"
vary
Accept-Encoding
x-goog-hash
crc32c=hrQu+g==, md5=xP08HBLxYDsUOvnIIWgYdg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642677817486292
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99205
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 28 Jan 2022 15:34:38 GMT
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.32.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-32-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:38 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1643383778497&cid=6194c0f876cae755cd2701fa&VERSION=4.126.1&AV_PAGE_LOAD_UID=f7bd61da-7116-453b-a32b-e65d74bd27f7&AV_CDIM4=f7bd61da-7116-453b-a32b-e65d74bd27f7&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
VJz_1fodbiiSpYlc.m4s
video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/9000/12000/320x564/ Frame F106 		102 KB
102 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1486386254707146760/pu/vid/9000/12000/320x564/VJz_1fodbiiSpYlc.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.a0f122d596524897615f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F78) /
Resource Hash
3337b83030e668b00d5b8461d6af582dcbbe7bde43eff3ec29fbe38f926f86d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
x-content-type-options
nosniff
age
166653
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length
104210
x-response-time
80
surrogate-key
ext_tw_video ext_tw_video/bucket/3 ext_tw_video/1486386254707146760
last-modified
Wed, 26 Jan 2022 17:09:13 GMT
server
ECAcc (frc/8F78)
x-tw-cdn
VZ, VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
07f63ae4d599b4c4395c89dbc38acd7a631f2cda98c644b088a5229586805f2f
accept-ranges
bytes
hbw_master_449880_13673.js
player.adtelligent.com/prebidlink/456495/ Frame BAB8 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456495/449143_thetruedefender.com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
f2f3856103d86fc6f20acfd5549e4659b5be3212b9c7f3edef7c494bac0a30a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 12:21:45 GMT
server
nginx
etag
W/"61eaa559-12b03"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 16:29:38 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
1750ffa3cf77edc848ddb2839c6b6ac84c20797f45478ad876b817053a3637b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:38 GMT
Cache-Tag
189005398876514963976718242743128168888,327961014079627028052771905279638174707,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
651
X-Served-By
cache-dca17761-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:04 GMT
Server
cloudinary
X-Timer
S1643374526.101049,VS0,VE38
ETag
"8f18cd11f405090a550fca031b9d139a"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548325
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=thetruedefender.com&sn=&cd4=f7bd61da-7116-453b-a32b-e65d74bd27f7&cd5=default&ic=0&tgt=0&app=&wi=679&he=383&test=&d36=6.1.2.99&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6194c0f876cae755cd2701fa&stagid=&stplid=&e=inventory&vi=0&cb=1643383778668
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		31 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.126.1&AV_PAGE_LOAD_UID=f7bd61da-7116-453b-a32b-e65d74bd27f7&AV_CDIM4=f7bd61da-7116-453b-a32b-e65d74bd27f7&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6194c0f876cae755cd2701fa&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=thetruedefender.com&AV_DADPOS=3&d36=6.1.2.99&responsive=1&sver=1&avtoken=778668&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1643383778677
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-55.compute-1.amazonaws.com
Software
/
Resource Hash
6ecde17c0911942e87d2bc095369d4e70e4ac05221eae9048bdcee41527bb59d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 17 Jan 2022 01:42:58 GMT
hb_449880_13673.js
player.adtelligent.com/prebidlink/ex19021/ Frame BAB8 		356 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
ff7907756bc34cf4ff2d93563f28451c1eba274cccc6cac66b00d9784c300e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 17:17:49 GMT
server
nginx
etag
W/"61e5a4bd-591c0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 16:29:38 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ Frame BAB8 		140 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
98cc93dfa2223c4aefeba2217ce8d74d80d6f3ac3c2a530457a0864fac3a202c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
140
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ Frame BAB8 		43 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=449880&site_id=13673&full_page_url=https%3A%2F%2Fthetruedefender.com&adid=yk9r3v.cy&features=32&vpbv=N046&lifecycle_tte=814
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:37 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1643374495/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
44c0313ee010b4ebfe8165b29eaefe1f6e3b94f5c83a2399e8ec5933fccdb218

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:38 GMT
Cache-Tag
189005398876514963976718242743128168888,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1219
X-Served-By
cache-dca17783-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:00 GMT
Server
cloudinary
X-Timer
S1643374831.739148,VS0,VE1
ETag
"0f3d1c4f88433a09fbc746216016da35"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548599
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1643374495/ 		54 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
d3bc027c19269284918237e537c45d8cfe0fc41c60dfc9b6c893ff64cb840135

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-55271

Response headers

Date
Fri, 28 Jan 2022 15:29:38 GMT
Cache-Tag
189005398876514963976718242743128168888,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-55271/765160
Connection
keep-alive
Content-Length
55272
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:00 GMT
Server
cloudinary
X-Timer
S1643374831.901322,VS0,VE1
ETag
"81d1c55d2c705c4fc6d008ac36875470"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548612
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
config.json
player.adtelligent.com/exchange_rates/449143/ Frame BAB8 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/449143/config.json?cb=https%3A%2F%2Fthetruedefender.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
a8d9e93e9a9f04ec038135aa48b5db7ddad679d94a7d7442cbf94c1be1b0e165

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 12:01:10 GMT
server
nginx
etag
W/"61f3db06-4dce"
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
expires
Fri, 28 Jan 2022 16:29:38 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
vr
ghb.adtelligent.com/ Frame BAB8 		347 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/vr?bids=2741,2905,6515,14399,14647,14715,14734,14770,18078
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3d132676024fc1ef7dc944f4fdce0c538870c9520b239b888cbf8bc45af72014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:37 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json
Access-Control-Allow-Origin
https://thetruedefender.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
189
localstore.js
script.4dex.io/ Frame BAB8 		483 B
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175092
x-amz-request-id
tx55e0171528d74adb9309d-0061f15fee
x-amz-id-2
tx55e0171528d74adb9309d-0061f15fee
last-modified
Wed, 26 Jan 2022 14:43:29 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdUVKrrB%2F4%2BFV81pQ3MaO7LYJ0UpPvSb1DhFJAHs05zw%2FYh%2FiA3xn3%2Blinmln4zeNLf203ucG7VEYij6yTanEPe0Bt0ExxiM07ZplswGANbVBTdn5Dra%2BgsdVmYGUbJRO7kKP9UEwZVWR9JF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1643208209303360
cf-ray
6d4b41e9b972913d-FRA
prebid
mp.4dex.io/ Frame BAB8 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4b41e9bcee923b-FRA
x-err
Parsing the Prebid Request. org/site not found
expires
0
auction
rtb.adxpremium.services/openrtb2/ Frame BAB8 		324 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
ebbca5c04f7eff6128c2b33ce2535842875a959a165d796b6ee2150a6e4454ee

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:40 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame BAB8 		19 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:38 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f264a084-46db-4b2b-b319-9a8c86d5700f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
lockerdome.com/ladbid/ Frame BAB8 		11 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:38 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
bid
research.adtelligent.com/ Frame BAB8 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://research.adtelligent.com/bid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.83.70.67 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/ Express
Resource Hash
1bfc0e8a0e8f9a1a8ee53f79b44b56bfd32b5694707da704851c10fa42cdf74e

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 28 Jan 2022 15:29:39 GMT
X-Powered-By
Express
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://thetruedefender.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
6123
adjson
ads.betweendigital.com/ Frame BAB8 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame BAB8 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:38 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BAB8 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2255044&size_id=15&eid_criteo.com=qAwZwV95cHU2dzR4T1lXQmhnUXRrNlJrV0FucTRkWU9xYWl6ZGVIT2xFeWx1NU5SWTc1a2M5VUJveGNaeFBWUFM2dnlTVU1NTElQMm8lMkI2MGN1QTE0SGpXcU1nJTNEJTNE%5E1&eid_pubcid.org=11e1ba2b-7787-4797-8f88-9b22cdc75145%5E1&rf=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=db298139-1909-4550-a0a6-ccc02dc29f1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8275979723674018
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
60eaf34b112ae7f2606a717731dc9fd905678371d93f57e20930163e214fda66

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:38 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ROS
pbjs.e-planning.net/pbjs/1/2e43c/1/thetruedefender.com/ Frame BAB8 		2 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2e43c/1/thetruedefender.com/ROS?rnd=0.28694250818961575&e=300x250_0%3A300x250&ur=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&e_criteoId=qAwZwV95cHU2dzR4T1lXQmhnUXRrNlJrV0FucTRkWU9xYWl6ZGVIT2xFeWx1NU5SWTc1a2M5VUJveGNaeFBWUFM2dnlTVU1NTElQMm8lMkI2MGN1QTE0SGpXcU1nJTNEJTNE&e_pubcid=11e1ba2b-7787-4797-8f88-9b22cdc75145
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:38 GMT
access-control-allow-credentials
true
server
openresty
content-type
text/plain
content-length
2
x-sid
AMS-605
j.html
p.midserved.com/prebidlink/19020/ Frame 5F96 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.midserved.com/prebidlink/19020/j.html?i=11602
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Fri, 28 Jan 2022 16:29:38 GMT
access-control-allow-origin
*
e1193c56-cb9a-4273-8a50-17d4cdeb3f70
https://thetruedefender.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thetruedefender.com/e1193c56-cb9a-4273-8a50-17d4cdeb3f70
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3d7b05c50230e732d6387e17fc86069e3e964bddf59d4f1b42307a5121d315af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:38 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1231
X-Served-By
cache-dca17761-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:04 GMT
Server
cloudinary
X-Timer
S1643374526.437070,VS0,VE45
ETag
"119b47649af0a2487b724c8ba725ec22"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548329
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		102 KB
103 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8ad99c86048e1bff5d9e40af7c49a1ef48fa1e0d6fa92558b49cbe3180c90ca4

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-104715

Response headers

Date
Fri, 28 Jan 2022 15:29:38 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-104715/1597436
Connection
keep-alive
Content-Length
104716
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:03 GMT
Server
cloudinary
X-Timer
S1643374832.545114,VS0,VE0
ETag
"84704474c9317161990062cb63451062"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548699
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
adagio.js
script.4dex.io/ Frame BAB8 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174266
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx3e82bbaff7d8428ebed68-0061f16196
x-amz-id-2
tx3e82bbaff7d8428ebed68-0061f16196
last-modified
Wed, 26 Jan 2022 14:43:28 GMT
server
cloudflare
etag
W/"88567a823cfd2840dd0a3198b929d466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zL9IXOI4kg29lOI9MLqmjuQ4b9iTzKSY0QzgNLXPOnzl1IP2AnTREPMEoPb7mOkIOd2dMYTT5TbwfUqQpvRTrZ%2Bsb3WXDsK410SvXe2MU08LRzZhsQiXGQpI6M7SqtS5W6R9k5ssfo7Mctq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1643208208262354
cf-ray
6d4b41ea1f009249-FRA
access-control-allow-headers
Authorization
369.json
id5-sync.com/g/v2/ 		213 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
f1a034cb9ed52d9ef0c335c10420a7349c41b3019cbc2c4584a46e4846e90ed8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:38 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4b915656b49e6a8400f899665e1a9b6a1841f32a8b1917e189e05bafff099fd1

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache
x-server
10.45.4.45
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
c7e02db6ee7d5cd8c3496675ff1c974da201a4241630c4885ed1126a6b807a18

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 27 Feb 2022 15:29:39 GMT
pbm_307825_11602.js
p.midserved.com/prebidlink/19020/ Frame 5F96 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.midserved.com/prebidlink/19020/pbm_307825_11602.js
Requested by
Host: p.midserved.com
URL: https://p.midserved.com/prebidlink/19020/j.html?i=11602
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
39bf3132e2fabc60aa1f623f10b7bb91ccef477653ec51291038f1c2a22c8032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.midserved.com/prebidlink/19020/j.html?i=11602
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 14:50:04 GMT
server
nginx
etag
W/"61f15f9c-8d89"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 28 Jan 2022 16:29:38 GMT
tracking
ghb.adtelligent.com/adunit/ Frame 5F96 		43 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fthetruedefender.com&adid=1d75e7f452ac75&vpbv=M055&client_id=307825&site_id=11602&lifecycle_tte=141
Requested by
Host: p.midserved.com
URL: https://p.midserved.com/prebidlink/19020/pbm_307825_11602.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.midserved.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.midserved.com
Date
Fri, 28 Jan 2022 15:29:38 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
ghb.adtelligent.com/geo/ Frame 5F96 		140 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.midserved.com
URL: https://p.midserved.com/prebidlink/19020/pbm_307825_11602.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
98cc93dfa2223c4aefeba2217ce8d74d80d6f3ac3c2a530457a0864fac3a202c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.midserved.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.midserved.com
Date
Fri, 28 Jan 2022 15:29:38 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
140
Content-Type
application/json
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		220 KB
221 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
494edf497df9401c276fc7e9588a71fc979845e88347ec3de41f966213cf2498

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=104716-330315

Response headers

Date
Fri, 28 Jan 2022 15:29:38 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 104716-330315/1597436
Connection
keep-alive
Content-Length
225600
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:03 GMT
Server
cloudinary
X-Timer
S1643374832.545114,VS0,VE0
ETag
"84704474c9317161990062cb63451062"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548699
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.32.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-32-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:39 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
6591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 28 Jan 2023 13:39:48 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		122 KB
123 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5ca6d957f3e42bc9830720c7b0cad4721ba013fafe0cd396621d43faacd3a553

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=330316-455147

Response headers

Date
Fri, 28 Jan 2022 15:29:39 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 330316-455147/1597436
Connection
keep-alive
Content-Length
124832
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:03 GMT
Server
cloudinary
X-Timer
S1643374832.545114,VS0,VE0
ETag
"84704474c9317161990062cb63451062"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548698
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		222 KB
222 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
81b68c553a97401129e597cd3d54cf6c3d12b0d3a74b1ff15bdd93a427489f23

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=455148-682063

Response headers

Date
Fri, 28 Jan 2022 15:29:39 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 455148-682063/1597436
Connection
keep-alive
Content-Length
226916
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:03 GMT
Server
cloudinary
X-Timer
S1643374832.545114,VS0,VE0
ETag
"84704474c9317161990062cb63451062"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548698
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E25D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=123416
expires
Sun, 30 Jan 2022 01:46:35 GMT
date
Fri, 28 Jan 2022 15:29:39 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame FD8B
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eef58ed9ddef3f153023ead880f7dea7fa2415a15db8d387eb19a01f7faf79fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|31|206|10|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 28 Jan 2022 15:29:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:39 GMT
Content-Length
1728
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 28 Jan 2022 15:29:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:39 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 23D5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 28 Jan 2022 15:29:39 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
date
Fri, 28 Jan 2022 15:29:39 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
merge
ce.lijit.com/ Frame 6C81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=376385&3pid=1643383778975-922024128334-008896-011-004958&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
nginx
Date
Fri, 28 Jan 2022 15:29:39 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ewr1
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.32.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-32-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:39 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame CB6A 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:495::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bbb5793911e601330153418c841cc86a73e0018eee5887ccf121c9ded7cee53f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdthHAFEf-n98DvbNvU_RuLsNsZHk7Powb8MxRcl6PpTdlpvXcT4QJl2g5q1dh9Gnsnt3rv1kPfxmq_wrOLXwFQhTwTL_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Thu, 20 Jan 2022 11:22:06 GMT
server
UploadServer
etag
"fc8a8f380c54ebfb0ea5f906a6ef95b1"
vary
Accept-Encoding
x-goog-hash
crc32c=/r/+pg==, md5=/IqPOAxU6/sOpfkGpu+VsQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642677726061277
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 28 Jan 2022 15:34:39 GMT
vast2
tag.targeting.unrulymedia.com/rmp/243572/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/243572/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383779056
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/236691/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383779056
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383779056
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383779057
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=88660&t=1643383778&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643383778975-922024128334-008896-011-004958&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=97189703415&cd1=4.126.1&cd4=f7bd61da-7116-453b-a32b-e65d74bd27f7&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=request&cb=1643383779058&asid=5fa2711a54dbb238c9289f7d%2C5f06eb963739774ab35ff916%2C5f8c4fcaf3eefc7b4d24fc09%2C59f5ee5e28a061016262480e%2C61b754ed61c198758737a774%2C5e1b272e28a06142643c20cd%2C61129c5f0e70e663bd7c5b71%2C60c60c3b1731ed2b383f0908%2C5fbe5d4370a94c4b696b7ccc%2C5fbe5add3443ef680f0480d7%2C60ebfe94ebe867570438e997%2C604e0c8861e0794a7a3b232a%2C5c5a9a6228a0617b9619af99%2C5fbe1a1fd09dbe29472667bb&ofpr=2%2C%2C%2C4%2C%2C3%2C%2C%2C2.8%2C%2C%2C2%2C2%2C4&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E25D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67477907&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:38 GMT
content-length
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		167 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
6e1bd4da509772fc979984d55f9887d457270eb2d731dacd4a8519270a3579f5

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=682064-852955

Response headers

Date
Fri, 28 Jan 2022 15:29:39 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 682064-852955/1597436
Connection
keep-alive
Content-Length
170892
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:03 GMT
Server
cloudinary
X-Timer
S1643374832.545114,VS0,VE0
ETag
"84704474c9317161990062cb63451062"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548698
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.18.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-18-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
333ab01ba4a78781f3727d56490c0fea816b40611f1147c1f5bbf66463eb2afa

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.18.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-18-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e33de2aaa29c4900991945afe4192894608c457c95ca3a0e31d7d88aea0150cb

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.18.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-18-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9aee4def5d16d6fee114ea61f044eae9bbc4d6b6efce612aec62cc742c296180

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/203144/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/216551/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
usync.js
eus.rubiconproject.com/ Frame 23D5 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ac931be8317ddd557641b52071fba107832e8ea03d8822c32b30693eacffc17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=53026
content-type
text/html; charset=UTF-8
content-length
9707
expires
Sat, 29 Jan 2022 06:13:25 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		172 KB
173 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
da7f6a86c69ea3d3fa60685105b5c2f5a483c6ba90067a35b46c490760510f6c

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=852956-1029487

Response headers

Date
Fri, 28 Jan 2022 15:29:39 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 852956-1029487/1597436
Connection
keep-alive
Content-Length
176532
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:03 GMT
Server
cloudinary
X-Timer
S1643374832.545114,VS0,VE0
ETag
"84704474c9317161990062cb63451062"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548698
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
pixel
cm.g.doubleclick.net/ Frame FD8B 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame FD8B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BCNRBJSNRGRSREFX6FDX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TBZ1RWMPER8HG94G1N1D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FD8B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame FD8B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfQL4.aFaJRH5L7u-8nPNQAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YfQL4.aFaJRH5L7u-8nPNQAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHwyogsxmYIS72r7D9DqkFc&google_cver=1&gdpr=1&google_hm=2
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHwyogsxmYIS72r7D9DqkFc&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:39 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHwyogsxmYIS72r7D9DqkFc&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
noop
px.owneriq.net/ Frame FD8B
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6966701791962654085&uid=Q6966701791962654085&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:39 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 28 Jan 2022 15:29:39 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame FD8B 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame FD8B
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=643277099282
43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=643277099282
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:39 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=643277099282
crum
dsum-sec.casalemedia.com/ Frame FD8B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1976306187885984856
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1976306187885984856
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:39 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1976306187885984856
Date
Fri, 28 Jan 2022 15:29:39 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame FD8B 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1643383778975-922024128334-008896-011-004958&biddername=42&key=YfQL4.aFaJRH5L7u-8nPNQAA%261197
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643383778975-922024128334-008896-011-004958%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.158.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-158-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 23D5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136&khaos=KYYK9R90-11-D4UO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Content-Type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=88660&t=1643383778&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643383778975-922024128334-008896-011-004958&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=97189703415&cd1=4.126.1&cd4=f7bd61da-7116-453b-a32b-e65d74bd27f7&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=bid&cb=1643383779286&asid=5f06eb963739774ab35ff916%2C5f8c4fcaf3eefc7b4d24fc09%2C60ebfe94ebe867570438e997&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 23D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPoYcy-16bz_s-4DoSupiGA&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPoYcy-16bz_s-4DoSupiGA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPoYcy-16bz_s-4DoSupiGA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 23D5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f63961f4-0be3-4f00-b0ba-0f24ee96f431
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f63961f4-0be3-4f00-b0ba-0f24ee96f431
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

Date
Fri, 28 Jan 2022 15:29:39 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f63961f4-0be3-4f00-b0ba-0f24ee96f431
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 28 Jan 2022 15:29:38 GMT
v1
ads.yahoo.com/cms/ Frame 23D5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYYK9R90-11-D4UO&sigv=1&esig=2~9b85ce780eb4250b45633cff0a24a5674806506e
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYYK9R90-11-D4UO&sigv=1&esig=2~9b85ce780eb4250b45633cff0a24a5674806506e
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYYK9R90-11-D4UO&sigv=1&esig=2~9b85ce780eb4250b45633cff0a24a5674806506e
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 23D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 23D5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lZSzlSOTAtMTEtRDRVTw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lZSzlSOTAtMTEtRDRVTw==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lZSzlSOTAtMTEtRDRVTw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 23D5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfQL4wAB9ibh5wBB
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfQL4wAB9ibh5wBB&_test=YfQL4wAB9ibh5wBB
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfQL4wAB9ibh5wBB&_test=YfQL4wAB9ibh5wBB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643383780.539642,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfQL4wAB9ibh5wBB&_test=YfQL4wAB9ibh5wBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 23D5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rjeFIuO90eSsCkOXY1wTqMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6516239240358831435
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6516239240358831435
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Fri, 28 Jan 2022 15:29:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6516239240358831435
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 23D5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzhkMWIxNGY0N2Q3OGQxOTZlYzI1OTNmZTAyNjg4MGYwYmY0NmYwZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzhkMWIxNGY0N2Q3OGQxOTZlYzI1OTNmZTAyNjg4MGYwYmY0NmYwZA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzhkMWIxNGY0N2Q3OGQxOTZlYzI1OTNmZTAyNjg4MGYwYmY0NmYwZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
c
c.mgid.com/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=305|253|8|vX6Hmh9Q-bneyN-X6TAJEBqKUjD-Z0DGjecTsfASVQZSa6FIM-C60eRHvfRMlXpK&fw=1&extjs=66044&cid=1229983&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=1a6f1d04-804f-11ec-ad16-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=17ea14e68bcb596a0fa&cbuster=1643383779332375812431&tpl=0
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:39 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
1984efc9-818e-4e3e-8ad0-aca515cd9a5e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4b41ece99b5b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CB6A 		360 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86d06f0e5f9de695408914746ded8bc3455d103eeedcc157750273d2d3ab6c0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122261
x-xss-protection
0
expires
Fri, 28 Jan 2022 15:29:39 GMT
bridge3.497.0_en.html
imasdk.googleapis.com/js/core/ Frame 038A 		584 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194721
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 03:23:24 GMT
expires
Fri, 27 Jan 2023 03:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 27 Jan 2022 03:18:10 GMT
content-type
text/html
age
129975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame CB6A 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jan 2022 15:29:39 GMT
bridge3.497.0_en.html
imasdk.googleapis.com/js/core/ Frame 06C3 		584 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194721
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 03:23:24 GMT
expires
Fri, 27 Jan 2023 03:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 27 Jan 2022 03:18:10 GMT
content-type
text/html
age
129975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.497.0_en.html
imasdk.googleapis.com/js/core/ Frame A47A 		584 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194721
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 03:23:24 GMT
expires
Fri, 27 Jan 2023 03:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 27 Jan 2022 03:18:10 GMT
content-type
text/html
age
129975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame CB6A 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetruedefender.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2B49 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Jan 2022 16:08:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1169 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Jan 2022 16:08:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 680C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Jan 2022 16:08:15 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A47A 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2620881637731457&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2771103655&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&sid=55EB2B86-FCC5-4737-9336-891265A708E7&nel=0&eid=44750824&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&dt=1643383779817&cookie_enabled=1&scor=3474112922529258&ged=ve4_td2_tt0_pd2_la2000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ Frame BAB8 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:38 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E0AF 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=123416
expires
Sun, 30 Jan 2022 01:46:35 GMT
date
Fri, 28 Jan 2022 15:29:39 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8127 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 28 Jan 2022 15:29:39 GMT
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame 06C3 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4255214597508135&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3422057204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&sid=55EB2B86-FCC5-4737-9336-891265A708E7&nel=0&eid=44750824&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&dt=1643383779836&cookie_enabled=1&scor=1136143547870943&ged=ve4_td2_tt0_pd2_la2000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 038A 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndicaton_8&description_url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=482642019514629&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=870912817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&sid=55EB2B86-FCC5-4737-9336-891265A708E7&nel=0&eid=44750824&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&dt=1643383779840&cookie_enabled=1&scor=1615653989337798&ged=ve4_td2_tt0_pd2_la2000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8127 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ac931be8317ddd557641b52071fba107832e8ea03d8822c32b30693eacffc17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:39 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=53026
content-type
text/html; charset=UTF-8
content-length
9707
expires
Sat, 29 Jan 2022 06:13:25 GMT
iframe.html
player.adtelligent.com/prebid/ Frame 8E38 		243 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebid/iframe.html?adid=25c511d8cb4cb7b&ref=null
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
c50be73ac605b62267126025fcebee57825d40a33ab06228762f233c84d231b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:40 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 29 Apr 2020 14:32:47 GMT
etag
W/"5ea9900f-f3"
cache-control
max-age=3600
content-encoding
gzip
expires
Fri, 28 Jan 2022 16:29:40 GMT
access-control-allow-origin
*
x-proxy-cache
HIT
uctag-rf.js
player.adtelligent.com/prebidlink/ Frame 8E38 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/uctag-rf.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=25c511d8cb4cb7b&ref=null
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
026fbafe97b76ac68a95c9343184354a56815ca8ed2321f9dc3e3eb79ae12503

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/prebid/iframe.html?adid=25c511d8cb4cb7b&ref=null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:40 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 11:07:33 GMT
server
nginx
etag
W/"5f0d91f5-993"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 16:29:40 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0Lzc2MzIxYTRkYjYxNGU3OWE3Z...
s-img.mgid.com/g/10881043/328x328/-/ Frame 1040
Redirect Chain
  • https://research.adtelligent.com/load?adId=105c7c5be7f5a5b&iv=1&placement=mgadt-place&c=455,0772&ref=thetruedefender.com&w=300&h=250&t=undefined&title=We%20List%20The%20Top%20Airlines%20With%20The%...
  • https://c.mgid.com/c?pv=2&v=0%7C0%7C0%7CDkPHkdU1HydltWsAIM5rXKIxTyn0KRw9OgzVNX_6q-7fsQBlsrCUXA5ORdR6KVAG&cid=1106084&f=1&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=1b456c44-804f-11ec-8a69-...
  • https://s-img.mgid.com/g/10881043/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90L...
18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881043/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0Lzc2MzIxYTRkYjYxNGU3OWE3ZDgyM2JjZjc0MDhmYmRhLmpwZWc.webp?v=1643383778-MSMmrs5DT6HQ_UcOC57uVcwbRFc_Wp-Y7EZZgOQyQuI
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=25c511d8cb4cb7b&ref=null
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f7de172b782e8bc7432f984a695cbf698020eb3a465bf92d32637c9d6faebe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:45:28 GMT
x-mg-request-uuid
7a785760-5d87-4382-988f-980032d44c94
age
9942076
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d4b41f76cbb5b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18918
server
cloudflare

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:40 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
1e39fb72-2214-4b89-930c-b7b603c044d0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://s-img.mgid.com/g/10881043/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0Lzc2MzIxYTRkYjYxNGU3OWE3ZDgyM2JjZjc0MDhmYmRhLmpwZWc.webp?v=1643383778-MSMmrs5DT6HQ_UcOC57uVcwbRFc_Wp-Y7EZZgOQyQuI
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d4b41f63aba5b68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
2b9d395f79fd97a5
sync.e-planning.net/uspd/1/ Frame 7F0C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0fd1fa7dfa8dac74e2482bdc033c7cf06f9aecedd7e0db1fbe06f6d4ee2206b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
openresty
date
Fri, 28 Jan 2022 15:29:40 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 28 Jan 2022 15:29:40 GMT
x-sid
AMS-605
content-encoding
gzip
rubicon
ex.ingage.tech/v1/syncPage/ Frame B8ED 		951 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
content-type
text/html
vary
Origin
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4b41f60b47911f-FRA
content-encoding
gzip
beacon
ap.lijit.com/ Frame E819 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
nginx
Date
Fri, 28 Jan 2022 15:29:40 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3dca1
ps
ssc-cms.33across.com/ Frame F9C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D33XUSERID33X
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Fri, 28 Jan 2022 15:29:41 GMT
/
onetag-sys.com/usync/ Frame D1B0 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1643383777026
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
check.html
biddr.brealtime.com/ Frame 8A1D 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Date
Fri, 28 Jan 2022 15:29:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
5783
Expires
Fri, 28 Jan 2022 15:30:40 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6d4b41f67f3290c0-FRA
Content-Encoding
gzip
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 0A87 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Fri, 28 Jan 2022 15:29:40 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
4200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BF1ADcQ4a63IfURFzwgpQ8Kf3z6eFBqyz%2FMelwxOjDGOFL7parukXstLpjY6OUgz0GyraoUuHLJ2S7TzGJOZM6d2UKfdXIxcI6mKrOSR%2FqD0zEjBQ1Sg2J0umCGxivZNfHLyeK6cSxp%2BOHrVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d4b41f678bb9199-FRA
content-encoding
br
usermatch
ssum-sec.casalemedia.com/ Frame 82CE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
45a33e9a61d7debade9c9b8088f5961f2e180f5952c848e7d580ecd4845c944d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|88|196|241|3|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 28 Jan 2022 15:29:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:40 GMT
Content-Length
1695
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC5C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=123415
expires
Sun, 30 Jan 2022 01:46:35 GMT
date
Fri, 28 Jan 2022 15:29:40 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5DA1 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6E7E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-185.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 29 Jan 2022 15:29:42 GMT
Date
Fri, 28 Jan 2022 15:29:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame A09F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bAsyo8U7Or6PeLaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Fri, 28 Jan 2022 15:29:40 GMT
/
ssc-cms.33across.com/ps/ Frame 80F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Fri, 28 Jan 2022 15:29:40 GMT
services
sync.technoratimedia.com/ 		0
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=90&uid=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsynacor%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
578688638
access-control-allow-origin
https://thetruedefender.com/
access-control-allow-credentials
true
1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
ex.ingage.tech/v1/sync/acuityads/
Redirect Chain
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%7B%24UID%7D
  • https://ex.ingage.tech/v1/sync/acuityads/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=a61817cdd6590422378b5f3d52977c6f40ad0c0c
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/acuityads/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=a61817cdd6590422378b5f3d52977c6f40ad0c0c
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d4b41f859a1911f-FRA

Redirect headers

Location
https://ex.ingage.tech/v1/sync/acuityads/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=a61817cdd6590422378b5f3d52977c6f40ad0c0c
Date
Fri, 28 Jan 2022 15:29:41 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usa
sync.go.sonobi.com/ 		0
0
1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
ex.ingage.tech/v1/sync/amx/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/amx/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=0c3e4975-716b-45f0-a3af-2a59f0fb5469&gdpr=0
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/amx/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=0c3e4975-716b-45f0-a3af-2a59f0fb5469&gdpr=0
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d4b41f75ed6911f-FRA

Redirect headers

location
https://ex.ingage.tech/v1/sync/amx/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=0c3e4975-716b-45f0-a3af-2a59f0fb5469&gdpr=0
date
Fri, 28 Jan 2022 15:29:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
ex.ingage.tech/v1/sync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dinsticator%26bsw_par...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=24733c9b3ed74358af68dc07cd252efd&ssp=insticator&bsw_param=ef4096a2-4bb9-4f99-991f-439b80106b4c&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ex.ingage.tech/v1/sync/bidswitch/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=ef4096a2-4bb9-4f99-991f-439b80106b4c&gdpr=&gdpr_consent=&us_privacy=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/bidswitch/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=ef4096a2-4bb9-4f99-991f-439b80106b4c&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d4b41f9ad8f911f-FRA

Redirect headers

Location
//ex.ingage.tech/v1/sync/bidswitch/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=ef4096a2-4bb9-4f99-991f-439b80106b4c&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 28 Jan 2022 15:29:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
ex.ingage.tech/v1/sync/sovrn/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID&sovrn_retry=true
  • https://ex.ingage.tech/v1/sync/sovrn/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=7d794016c1f5a6268cb4db34
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/sovrn/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=7d794016c1f5a6268cb4db34
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6d4b41f869b5911f-FRA

Redirect headers

Date
Fri, 28 Jan 2022 15:29:41 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ex.ingage.tech/v1/sync/sovrn/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=7d794016c1f5a6268cb4db34
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-99.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
41252
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Fri, 28 Jan 2022 04:02:10 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
MGmtZk4xBW-FxKF9kYWRbpk98LyEofqy8Ad7DmzIV6lUpRIUw2m7cg==
um
u-ams02.e-planning.net/ Frame 7F0C
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Daa0addc041eeb7fe
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=aa0addc041eeb7fe
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=aa0addc041eeb7fe
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=aa0addc041eeb7fe
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 7F0C 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Daa0addc041eeb7fe%26uid%3D%24%7BUID%7D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:40 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
4g85j1neugtmvmqt4svlsgreadqvlign
ptag
a.audrte.com/ Frame 7F0C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
c749074cd657346d5e898b8fef7b515827d911da5f38de1f5c8bb13e4e7d46e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:41 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 7F0C 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:40 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 27 Jan 2027 15:29:40 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7F0C
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Daa0addc041eeb7fe
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
date
Fri, 28 Jan 2022 15:29:41 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 7F0C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Daa0addc041eeb7fe%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Daa0addc041eeb7fe%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aa0addc041eeb7fe&uid=2776830976548104479
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aa0addc041eeb7fe&uid=2776830976548104479
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cd98c3d0-29ad-4f9f-8690-bb39bb57c2fd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aa0addc041eeb7fe&uid=2776830976548104479
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 7FA0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 28 Jan 2022 15:29:41 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Fri, 28 Jan 2022 15:29:41 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A2B4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daa0addc041eeb7fe%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=123414
expires
Sun, 30 Jan 2022 01:46:35 GMT
date
Fri, 28 Jan 2022 15:29:41 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 84FE 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ddba7b3acd2ce7071f8d8857b8e19b2ab906d6b8b059c745d1c3dece93cc20e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
4|65|90|81|152|176|3|123
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 28 Jan 2022 15:29:41 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Content-Length
1420
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 3631 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
H
cf4age
0
x-cf-tsc
1641922229
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fB.fra2:co:1585621119:cacheN.fra2-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame A0CB 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A341 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5212f06b3be2f079f80bc49be0e9655b65784c3c8e17734ecb9771ee25f227e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://sync.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4b41f7ecc5902a-FRA
content-encoding
br
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.32.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-32-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:41 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1643383781030&cid=6194c0f876cae755cd2701fa&VERSION=4.126.1&AV_PAGE_LOAD_UID=f7bd61da-7116-453b-a32b-e65d74bd27f7&AV_CDIM4=f7bd61da-7116-453b-a32b-e65d74bd27f7&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 82CE 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6c4f:4351:131b:c252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 82CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame 82CE 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.91.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-91-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 82CE 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643383781.056862,VS0,VE92
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 82CE
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

date
Fri, 28 Jan 2022 15:29:41 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
dcm
s.amazon-adsystem.com/ Frame 82CE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6K0PGFZQNZP458B29RH0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
94VZG8PGADXEGSS72184
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 82CE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
MT3 4133 baa842e master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 28 Jan 2022 15:29:40 GMT
1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
ex.ingage.tech/v1/sync/ix/ Frame 82CE 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=YfQL4-aFaJRH5L7u_8nPNQAABK0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
6d4b41f79f82911f-FRA
cs&eq_cc=1
um2.eqads.com/um/ Frame EFE0
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-249-39.compute-1.amazonaws.com
Software
/
Resource Hash
4b6c4074f314ea6d35b79c35225c6c12eba58fb5ba61e332fe87eefef3717554

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 28 Jan 2022 15:29:41 GMT
pragma
no-cache

Redirect headers

date
Fri, 28 Jan 2022 15:29:41 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
bounce
ib.adnxs.com/ Frame 6E7E
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bb713c65-922f-4e7e-a76d-cd9a5fc521aa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
265c8a70-28c8-4de5-a655-3b0621073d1f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
idsync
sync.aralego.com/ Frame 0A87 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
connection
close
content-length
35
content-type
image/gif
/
geo.privacymanager.io/ 		28 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 05:02:36 GMT
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront), 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
age
37625
x-amzn-requestid
b4795ab2-a471-438a-8e1e-5f9e7a7d0440
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61f378ec-01d24fe7337980940500a5e7;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1, FRA53-C1
x-amz-apigw-id
Mo_U-FRtDoEFkyQ=
content-length
28
x-amz-cf-id
WUe_2vhF7vCLQmi4a4xG5aq2QhYNUAMIAbk0fFzPXdpbvQ5TXwXBig==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
usync.html
eus.rubiconproject.com/ Frame B8ED
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 28 Jan 2022 15:29:41 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
date
Fri, 28 Jan 2022 15:29:41 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
rum
dsum-sec.casalemedia.com/ Frame 84FE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4403300313697522900
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4403300313697522900
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4403300313697522900
pragma
no-cache
date
Fri, 28 Jan 2022 15:29:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame 84FE
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643470181&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643470181&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643470181&gdpr=1
pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
no_match_opted_out
um.simpli.fi/ Frame 84FE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 28 Jan 2022 15:29:41 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 28 Jan 2022 15:29:41 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 27 Jan 2022 15:29:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 84FE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=wpJSXMTBUV3ZkA0KxsUZXMHFAF7ZlQYMlcfbqjWf
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=wpJSXMTBUV3ZkA0KxsUZXMHFAF7ZlQYMlcfbqjWf
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=wpJSXMTBUV3ZkA0KxsUZXMHFAF7ZlQYMlcfbqjWf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 84FE
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c4aa109a-ba94-4c4e-975c-645ecba7ff53
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c4aa109a-ba94-4c4e-975c-645ecba7ff53
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c4aa109a-ba94-4c4e-975c-645ecba7ff53
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
113
match.deepintent.com/usersync/ Frame 84FE 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:40 GMT
content-length
0
server
c
crum
dsum-sec.casalemedia.com/ Frame 84FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f63961f4-0be3-4f00-b0ba-0f24ee96f431&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 28 Jan 2022 15:29:40 GMT
rum
dsum-sec.casalemedia.com/ Frame 84FE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TW8uJgUuRMx8-jcSALqIfFQTr7c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TW8uJgUuRMx8-jcSALqIfFQTr7c
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TW8uJgUuRMx8-jcSALqIfFQTr7c
Date
Fri, 28 Jan 2022 15:29:41 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
um
u-ams02.e-planning.net/ Frame 84FE 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=aa0addc041eeb7fe&uid=YfQL4.aFaJRH5L7u-8nPNQAA%261197
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daa0addc041eeb7fe%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 7FA0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ac931be8317ddd557641b52071fba107832e8ea03d8822c32b30693eacffc17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=53024
content-type
text/html; charset=UTF-8
content-length
9707
expires
Sat, 29 Jan 2022 06:13:25 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 7FA0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=KYYK9R90-11-D4UO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame B8ED 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7ac931be8317ddd557641b52071fba107832e8ea03d8822c32b30693eacffc17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=53024
content-type
text/html; charset=UTF-8
content-length
9707
expires
Sat, 29 Jan 2022 06:13:25 GMT
getuid
ib.adnxs.com/ Frame A341 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame A341 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=db326c28-f13c-4d7e-a0f5-e0eb44acfbff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=db326c28-f13c-4d7e-a0f5-e0eb44acfbff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41f9b9fd902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=db326c28-f13c-4d7e-a0f5-e0eb44acfbff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame A341 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df...
  • https://mwzeom.zeotap.com/mw?cid=12e991e3-eff2-4023-b408-14a8da9c2828&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e...
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=12e991e3-eff2-4023-b408-14a8da9c2828&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41f9898a902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=12e991e3-eff2-4023-b408-14a8da9c2828&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame A341 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 varnish
server
nginx
x-timer
S1643383781.346102,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4080-HHN
u
dmp.v.fwmrm.net/ad/ Frame A341 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A341 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b200c7-58cf-4604-42ec-bfdfee9f50b8%26reqId%3Df173655e-624e-4d6e-54fa-d5e6e211a020%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=5b92e16a-2a44-45d6-8344-95e6cff4ad66&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5b92e16a-2a44-45d6-8344-95e6cff4ad66&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41fa7be4902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=5b92e16a-2a44-45d6-8344-95e6cff4ad66&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=13068121332584453220933003663617746640&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=13068121332584453220933003663617746640&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41fa7bdd902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v027-0a827ee29.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
kWD4tT8CTMo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=13068121332584453220933003663617746640&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame A341 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022012816-39176-0.676279001643383782-a300f6a92519bec3e88331b04ddde8b1&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022012816-39176-0.676279001643383782-a300f6a92519bec3e88331b04ddde8b1&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41f9fab0902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022012816-39176-0.676279001643383782-a300f6a92519bec3e88331b04ddde8b1&zdid=533&env=mWeb
Date
Fri, 28 Jan 2022 15:29:42 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7058279594180081808&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7058279594180081808&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41f999c2902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7058279594180081808&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame A341
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=07b200c7-58cf-4604-42ec-bfdfee9f50b8
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=07b200c7-58cf-4604-42ec-bfdfee9f50b8
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=07b200c7-58cf-4604-42ec-bfdfee9f50b8
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=07b200c7-58cf-4604-42ec-bfdfee9f50b8
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=07b200c7-58cf-4604-42ec-bfdfee9f50b8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=07b200c7-58cf-4604-42ec-bfdfee9f50b8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=pGFF2/Cx64ji/pEk0NYfIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=pGFF2/Cx64ji/pEk0NYfIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41fa4b7a902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
last-modified
Fri, 28 Jan 2022 15:29:41 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=pGFF2/Cx64ji/pEk0NYfIe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame A341 		36 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.102 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=07b200c7-58cf-4604-42ec-bfdfee9f50b8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=07b200c7-58cf-4604-42ec-bfdfee9f50b8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=27d45916ff1f43e009521d51db87ae96&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-62...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=27d45916ff1f43e009521d51db87ae96&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41fadcfd902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=27d45916ff1f43e009521d51db87ae96&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
cache-control
no-cache
x-server
10.45.20.41
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-4hRQlBJE2orDmNOIg7RRMNvtBK3g4l_CPw--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-4hRQlBJE2orDmNOIg7RRMNvtBK3g4l_CPw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41faccd1902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 28 Jan 2022 15:29:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-4hRQlBJE2orDmNOIg7RRMNvtBK3g4l_CPw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BMi8IM7tZ1TL5Iq35HZ0nAFza4ckULIW%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BMi8IM7tZ1TL5Iq35HZ0nAFza4ckULIW%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41fafd49902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=%2BMi8IM7tZ1TL5Iq35HZ0nAFza4ckULIW%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame A341 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame A341 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.161.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-161-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1643383781
x-served-by
beacon-n005-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame A341 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfQL4wAB9ibh5wBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfQL4wAB9ibh5wBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41f9da30902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643383781.305071,VS0,VE90
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YfQL4wAB9ibh5wBB&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=f63961f4-0be3-4f00-b0ba-0f24ee96f431&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f63961f4-0be3-4f00-b0ba-0f24ee96f431&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41fbbf2c902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=f63961f4-0be3-4f00-b0ba-0f24ee96f431&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 28 Jan 2022 15:29:40 GMT
usermatch.gif
beacon.krxd.net/ Frame A341
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Server
54.211.161.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-161-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1643383781
x-served-by
beacon-n010-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
date
Fri, 28 Jan 2022 15:29:41 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame A341
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42e...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42e...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361&dcc=t
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5677PSNJACXZ2CM01H19
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EKB6TFRZZK7KVPTTN624
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame A341 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:41 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame A341
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D07b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6d4b41fc893a902a-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
date
Fri, 28 Jan 2022 15:29:41 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame A341 		557 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7f4dba533725a91f82dd10ef281346ff02f90971233053d622e8feac4cd284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d4b41f928a4902a-FRA
date
Fri, 28 Jan 2022 15:29:41 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Fri, 28 Jan 2022 15:29:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B8ED 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=KYYK9R90-11-D4UO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif
cc.js
tags.crwdcntrl.net/c/15238/ Frame 7F0C 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 06:35:36 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
32051
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
gJ2yvUfveY7J71lA7kSjV-w9La_SMZQXSa6ornoKxNdzBLwx7j_2oQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame BA02 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

server
openresty
date
Fri, 28 Jan 2022 15:29:40 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 27 Jan 2027 15:29:40 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
ex.ingage.tech/v1/sync/eplanning/ Frame 71D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/eplanning/1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21?uid=AFXrAaTzGI5QEAzV
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
vary
Origin
access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4b41fa1ec2911f-FRA
crum
dsum-sec.casalemedia.com/ Frame EFE0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=779160fc-4ea5-41e3-807a-dedf978e115b&expiration=1651159781
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 28 Jan 2022 15:29:41 GMT
GS.d
js.cookieless-data.com/ Frame BA02 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fsync.e-planning.net%2F&s=&rand=1643383781494
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:41 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
cmp
spl.zeotap.com/ Frame A341 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 28 Jan 2022 15:29:41 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d4b41fbaf12902a-FRA
multitracking
ghb.adtelligent.com/adunit/ Frame BAB8 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456495/hbw_master_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:40 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
ptrack
a.audrte.com/ Frame 7F0C 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=84.19.175.183&p=M1353665098&artime=2022-01-28T15:29:42.052Z&arlocation=c3luYy5lLXBsYW5uaW5nLm5ldC91c3BkLzEvMmI5ZDM5NWY3OWZkOTdhNT9ydWlkbT0xJmR1PWh0dHBzJTNBJTJGJTJGZXguaW5nYWdlLnRlY2glMkZ2MSUyRnN5bmMlMkZlcGxhbm5pbmclMkYxYjhhNTcwNC1hZmNlLTRjMWUtYTFhNy04Y2Y3YzNmOTdkMjElM0Z1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dGhldHJ1ZWRlZmVuZGVyLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e6e1f3e5e9d2bbde9dc7dd18394c3edee9841d732c032f54d3f3e992227245bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:43 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://sync.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
async_usersync
ib.adnxs.com/ Frame 6E7E 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jan 2022 15:29:42 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
173d3705-4637-4f56-85f9-2c22d04a876d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/ 		191 KB
192 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1643374495/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1643374412515.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3ca8f5174ebdece3fb0af0617860698db936b0cd3865539cdca18dcd6e9c859d

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1029488-1225383

Response headers

Date
Fri, 28 Jan 2022 15:29:43 GMT
Cache-Tag
189005398876514963976718242743128168888,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1029488-1225383/1597436
Connection
keep-alive
Content-Length
195896
X-Served-By
cache-dca17775-DCA
Last-Modified
Fri, 28 Jan 2022 12:55:03 GMT
Server
cloudinary
X-Timer
S1643374832.545114,VS0,VE0
ETag
"84704474c9317161990062cb63451062"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31548694
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=88660&t=1643383778&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643383778975-922024128334-008896-011-004958&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=97189703415&cd1=4.126.1&cd4=f7bd61da-7116-453b-a32b-e65d74bd27f7&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 28 Jan 2022 15:29:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sid
mug.criteo.com/ Frame BAB8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&bundle=Y490n19BYXVwQWtOQnp2bTIwSFVHM1E4JTJGTlRiTCUyRlNiQnhFTTNkRW9vT3ZlQjFxTjVQYXU0VFlmSnJkUmZVblh6OUVTbm92...
  • https://mug.criteo.com/sid?cpp=grkkoXxNbURWTnBrZm1Kdk1ERlFlVEp0TW0yUE5PbjBmN1ptWkxxNzFzY241NW10NEhmdGpaZkM1N1ZlRVA1RHROaUJBWm5KMXoyUGVSbS81QnpaSzVha0RHczRZcHpnUlk3QXVrcjZZSCtNZDZXR1RXY0p0YlZKTWYyUU...
352 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=grkkoXxNbURWTnBrZm1Kdk1ERlFlVEp0TW0yUE5PbjBmN1ptWkxxNzFzY241NW10NEhmdGpaZkM1N1ZlRVA1RHROaUJBWm5KMXoyUGVSbS81QnpaSzVha0RHczRZcHpnUlk3QXVrcjZZSCtNZDZXR1RXY0p0YlZKTWYyUURCNitmM0Q4aitOQysxRHk3Nk1XUk9lSEtuZnJqdElURnVpaGhYWEJyem5ycDNTUGpmcXFQSTVkYWx5TzVoYk9ZSW1QVGtxbVVuczBBbjFaRVAvUjA3MDRVTlRrVnp6T0NoL1cyM0tVSkxTVjlwaWcvdWxvODJWYmtOS1JsZWIreFhtSnRkbVJ1fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0a365f9f1d59699b3e7ea58fb612f1180caedca058cbacd853a271d00dda26c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2366
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:43 GMT
location
https://mug.criteo.com/sid?cpp=grkkoXxNbURWTnBrZm1Kdk1ERlFlVEp0TW0yUE5PbjBmN1ptWkxxNzFzY241NW10NEhmdGpaZkM1N1ZlRVA1RHROaUJBWm5KMXoyUGVSbS81QnpaSzVha0RHczRZcHpnUlk3QXVrcjZZSCtNZDZXR1RXY0p0YlZKTWYyUURCNitmM0Q4aitOQysxRHk3Nk1XUk9lSEtuZnJqdElURnVpaGhYWEJyem5ycDNTUGpmcXFQSTVkYWx5TzVoYk9ZSW1QVGtxbVVuczBBbjFaRVAvUjA3MDRVTlRrVnp6T0NoL1cyM0tVSkxTVjlwaWcvdWxvODJWYmtOS1JsZWIreFhtSnRkbVJ1fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1707
content-length
509
expires
0
692.json
id5-sync.com/g/v2/ Frame BAB8 		212 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19021/hb_449880_13673.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
81d9df15acc855bbe6ac4816da7f471c24225fc58d96a297691cd722e9aaa26a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Fri, 28 Jan 2022 15:29:43 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
p
a.audrte.com/ Frame 7F0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=&google_gid=CAESEERiNtq9azfVu4a_5vY0bpg&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:44 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 28 Jan 2022 15:29:43 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 7F0C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:43 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/ Frame 7F0C
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=982813497444233584
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.121.27.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:43 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Fri, 28 Jan 2022 15:29:43 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=cddM-NiqGtCTZWX9wabZoSPHQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&bundle=Y490n19BYXVwQWtOQnp2bTIwSFVHM1E4JTJGTlRiTCUyRlNiQnhFTTNkRW9vT3ZlQjFxTjVQYXU0VFlmSnJkUmZVblh6OUVTbm92Z3ZPOHFwUXViJTJGUTF2ZlJWd213dEdybjluN3RhdlVMaWRlQVJKRlhacTk2QjZmJTJGdmJnOUhuUUZXMlJDS1Vo&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1534
date
Fri, 28 Jan 2022 15:29:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=grkkoXxNbURWTnBrZm1Kdk1ERlFlVEp0TW0yUE5PbjBmN1ptWkxxNzFzY241NW10NEhmdGpaZkM1N1ZlRVA1RHROaUJBWm5KMXoyUGVSbS81QnpaSzVha0RHczRZcHpnUlk3QXVrcjZZSCtNZDZXR1RXY0p0YlZKTWYyUURCNitmM0Q4aitOQysxRHk3Nk1XUk9lSEtuZnJqdElURnVpaGhYWEJyem5ycDNTUGpmcXFQSTVkYWx5TzVoYk9ZSW1QVGtxbVVuczBBbjFaRVAvUjA3MDRVTlRrVnp6T0NoL1cyM0tVSkxTVjlwaWcvdWxvODJWYmtOS1JsZWIreFhtSnRkbVJ1fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1019
date
Fri, 28 Jan 2022 15:29:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/ Frame C363 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
61a4c699513f6f55615aefdd25e0aea5416f0cee4d0516c527874792fac3011b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Fri, 28 Jan 2022 15:29:44 GMT
content-type
text/html;charset=utf-8
content-length
1033
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.3.8
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
tpid=YfQL4wAB9ibh5wBB
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame C363
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YfQL4wAB9ibh5wBB
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YfQL4wAB9ibh5wBB
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H2
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.73
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643383785.533208,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YfQL4wAB9ibh5wBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
5907
tags.bluekai.com/site/ Frame C363 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=3228a712fb61acc07ced741a54696ce5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 28 Jan 2022 15:29:44 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame C363 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=27d45916ff1f43e009521d51db87ae96
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.161.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-161-228.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1643383784
x-served-by
beacon-n035-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
global.ib-ibi.com/ Frame C363 		0
0
generic
match.adsrvr.org/track/cmf/ Frame C363 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
qmap
sync.crwdcntrl.net/ Frame C363
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f63961f4-0be3-4f00-b0ba-0f24ee96f431
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f63961f4-0be3-4f00-b0ba-0f24ee96f431
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=915990627/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H2
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.203
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Fri, 28 Jan 2022 15:29:44 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=f63961f4-0be3-4f00-b0ba-0f24ee96f431
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 28 Jan 2022 15:29:43 GMT
vast2
tag.targeting.unrulymedia.com/rmp/243572/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/243572/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383785001
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/236691/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383785001
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383785002
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&w=410&h=231&cbb=3383785002
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=88660&t=1643383778&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643383778975-922024128334-008896-011-004958&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=97189703415&cd1=4.126.1&cd4=f7bd61da-7116-453b-a32b-e65d74bd27f7&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=request&cb=1643383785004&asid=5f06eb963739774ab35ff916%2C5f8c4fcaf3eefc7b4d24fc09%2C61b754ed61c198758737a774%2C61129c5f0e70e663bd7c5b71%2C5e1b272e28a06142643c20cd%2C5fbe5d4370a94c4b696b7ccc%2C5fbe5add3443ef680f0480d7%2C60c60c3b1731ed2b383f0908%2C604e0bb1f199b154cc115338%2C5fa2a98bba80693a416064d7%2C60ebfe86a4a7792110515aa4%2C59f5f23628a0612040036b8f%2C5fc8b1c9ba2b560f616098b8%2C5fd1f2cc9772f87a350a855b&ofpr=%2C%2C%2C%2C3%2C2.8%2C%2C%2C2%2C%2C%2C3%2C3%2C1.5&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/216551/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/203144/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.18.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-18-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
291afe191e5ef35c94a88f71577db71cc4b3a5c67d4f60544e1443f3dd655455

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.18.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-18-139.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
741b47c86e8a6bc8cf9caaaac1d725c79c5069798a7ec6e8017e44da14f44441

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Jan 2022 15:29:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Fri, 28 Jan 2022 15:29:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=88660&t=1643383778&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643383778975-922024128334-008896-011-004958&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=97189703415&cd1=4.126.1&cd4=f7bd61da-7116-453b-a32b-e65d74bd27f7&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=bid&cb=1643383785085&asid=5f06eb963739774ab35ff916%2C5f8c4fcaf3eefc7b4d24fc09%2C5fa2a98bba80693a416064d7%2C60ebfe86a4a7792110515aa4&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-151-221.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.497.0_en.html
imasdk.googleapis.com/js/core/ Frame A2B6 		584 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194721
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 03:23:24 GMT
expires
Fri, 27 Jan 2023 03:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 27 Jan 2022 03:18:10 GMT
content-type
text/html
age
129981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame CB6A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetruedefender.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 28 Jan 2022 15:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.497.0_en.html
imasdk.googleapis.com/js/core/ Frame 6871 		584 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194721
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 03:23:24 GMT
expires
Fri, 27 Jan 2023 03:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 27 Jan 2022 03:18:10 GMT
content-type
text/html
age
129981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.497.0_en.html
imasdk.googleapis.com/js/core/ Frame 7FD3 		584 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194721
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 03:23:24 GMT
expires
Fri, 27 Jan 2023 03:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 27 Jan 2022 03:18:10 GMT
content-type
text/html
age
129981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.497.0_en.html
imasdk.googleapis.com/js/core/ Frame EDE9 		584 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194721
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 27 Jan 2022 03:23:24 GMT
expires
Fri, 27 Jan 2023 03:23:24 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 27 Jan 2022 03:18:10 GMT
content-type
text/html
age
129981
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 82AA 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Jan 2022 16:08:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E305 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Jan 2022 16:08:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 31E8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Jan 2022 16:08:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3D9F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 28 Jan 2022 16:08:15 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A2B6 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndicaton_8&description_url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3071502952447046&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=870912817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&sid=55EB2B86-FCC5-4737-9336-891265A708E7&nel=0&eid=44750824&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&dt=1643383785547&cookie_enabled=1&scor=1877554776913006&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6871 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3692931713647430&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3422057204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&sid=55EB2B86-FCC5-4737-9336-891265A708E7&nel=0&eid=44750824&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&dt=1643383785552&cookie_enabled=1&scor=134575110828001&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7FD3 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1951406458607727&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2771103655&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&sid=55EB2B86-FCC5-4737-9336-891265A708E7&nel=0&eid=44750824&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&dt=1643383785559&cookie_enabled=1&scor=130345041402938&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EDE9 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2556948929947513&sdkv=h.3.497.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3669612853&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.497.0&sid=55EB2B86-FCC5-4737-9336-891265A708E7&nel=0&eid=44750824&url=https%3A%2F%2Fthetruedefender.com%2Ftrump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video%2F&dt=1643383785564&cookie_enabled=1&scor=2047040523158457&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.497.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 15:29:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2F1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21%3Fuid%3D
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=27d45916ff1f43e009521d51db87ae96

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| tieSkin object| html string| htmlSkin undefined| tieSkinInverted string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| ExactMetricsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| exactmetrics_frontend object| twemoji object| wp function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| FullworksAntiSpamFELO object| Insticator object| header boolean| mnIsDark boolean| tnIsDark object| ldAdInit object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __twttrll object| twttr object| __twttr boolean| jQueryScriptOutputted function| initJQuery object| _peq object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| JetpackInstantSearchOptions object| webpackChunkwebpack object| wpcom object| _tkq object| _stq object| jetpackLazyImagesL10n object| tie function| tieFlexMenu function| tieLazyLoad function| tieTabs function| tie_animate_element function| tie_animate_reviews object| $doc object| $window object| $html object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| scrollBarWidth boolean| mobileMenu object| emergence object| browserPrefixes boolean| is_boxed_layout boolean| megaMenuAjax object| Modernizr function| TieSticky object| $the_post object| $postContent object| addComment function| loadCSS string| c object| InsticatorXmess object| jeengConfig object| core function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng function| st_go function| linktracker_init object| php_js object| _peSd object| _peD object| _peE object| _pe number| distance number| time object| animationAction object| _ldStickyConfig object| _ldAdIdMap object| gaplugins object| gaGlobal object| gaData object| InsticatorApp string| insticatorHeaderCodeVersion object| googletag object| instBid undefined| isChrome undefined| stackLineNum undefined| stackLineString undefined| errorLoc undefined| errorMsg object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant object| _mgIntExchangeNews object| MarketGidInfC1229463 function| MarketGidCContextBlock1229463 function| MarketGidCMainBlock1229463 function| MarketGidCInternalExchangeBlock1229463 function| MarketGidCRejectBlock1229463 function| MarketGidCCriteoBlock1229463 function| MarketGidCInternalExchangeLoggerBlock1229463 function| MarketGidCObserverBlock1229463 function| MarketGidCSendDimensionsBlock1229463 function| MarketGidCRtbBlock1229463 function| MarketGidCDiscountBlock1229463 function| MarketGidCIframeSizeChangerBlock1229463 function| MarketGidCContentPreviewBlock1229463 boolean| mg_loaded_674711_1229463 object| MarketGidInfC1229983 function| MarketGidCContextBlock1229983 function| MarketGidCMainBlock1229983 function| MarketGidCInternalExchangeBlock1229983 function| MarketGidCRejectBlock1229983 function| MarketGidCCriteoBlock1229983 function| MarketGidCInternalExchangeLoggerBlock1229983 function| MarketGidCObserverBlock1229983 function| MarketGidCSendDimensionsBlock1229983 function| MarketGidCRtbBlock1229983 function| MarketGidCIframeSizeChangerBlock1229983 function| MarketGidCContentPreviewBlock1229983 function| MarketGidCResponsiveBlock1229983 boolean| mg_loaded_674711_1229983 object| MarketGidInfC1229464 function| MarketGidCContextBlock1229464 function| MarketGidCMainBlock1229464 function| MarketGidCInternalExchangeBlock1229464 function| MarketGidCRejectBlock1229464 function| MarketGidCCriteoBlock1229464 function| MarketGidCInternalExchangeLoggerBlock1229464 function| MarketGidCObserverBlock1229464 function| MarketGidCSendDimensionsBlock1229464 function| MarketGidCRtbBlock1229464 function| MarketGidCIframeSizeChangerBlock1229464 function| MarketGidCContentPreviewBlock1229464 function| MarketGidCResponsiveBlock1229464 boolean| mg_loaded_674711_1229464 boolean| _ldStickyRendered object| __connect function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT string| partnerName string| key function| instBidChunk function| lightboxjs function| lightboxlib object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery17105708502037898262_1643383777295 object| onClickExcludes function| mgReject1229463 function| mgLoadAds1229463_0fa68 function| MarketGidCReject1229463 function| MarketGidLoadGoods1229463_0fa68 function| mgReject1260300 function| mgLoadAds1260300_0fa68 function| MarketGidCReject1260300 function| MarketGidLoadGoods1260300_0fa68 function| mgReject1229983 function| mgLoadAds1229983_0fa93 function| MarketGidCReject1229983 function| MarketGidLoadGoods1229983_0fa93 function| mgReject1229464 function| mgLoadAds1229464_152c0 function| MarketGidCReject1229464 function| MarketGidLoadGoods1229464_152c0 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint674711 string| _mgPvid boolean| _mgPageView674711 function| LoadCriteoAllPlaces1229464_152c0 function| LoadCriteoAllPlaces1229983_0fa93 object| ggeac object| google_js_reporting_queue boolean| i.js.loaded boolean| i-noref.js.loaded undefined| google_measure_js_timing object| jQuery17105708502037898262 function| _mgLib1_11_78 function| _mgwqp function| LoadCriteoAllPlaces1260300_0fa68 object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| __EXCO string| pbPageIdentifier function| Hls function| av_sciv_hndlr1643383778662 object| storageAni object| ADAGIO object| _ADAGIO object| _mgwcapping boolean| _mgPageImp674711 number| google_global_correlator object| closure_lm_536100 object| ats

95 Cookies

Domain/Path Name / Value
thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video Name: exco-uid
Value: t2k78x5dhjqql4jr
thetruedefender.com/ Name: PHPSESSID
Value: 04798716d0a222940f090e6a7da00819
.mgid.com/ Name: __cf_bm
Value: CLT4QNlq8uqBOTRN9VSNiKamx7.zlram0yUt8Wh2NJU-1643383776-0-AeESpXxuG+i42yHOO5KmnSkEiuKsmngmIQHYaFe8z+b4eYRsNQ0JmRExxsHAR2duCrNJ87FrY3SI889EQi+wKqs=
.thetruedefender.com/ Name: _ga
Value: GA1.2.1609817729.1643383777
.thetruedefender.com/ Name: _gid
Value: GA1.2.1083317317.1643383777
thetruedefender.com/ Name: InstiSession
Value: eyJpZCI6ImMyNmQzOWQ5LTIzMjQtNGIzNS1iZmJiLWNlYmE1NjE1MGY1OCIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.thetruedefender.com/ Name: tk_ai
Value: mAurPgtmorYw5ZBhNdvwjCxv
.thetruedefender.com/ Name: _gat_gtag_UA_186892928_1
Value: 1
thetruedefender.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.thetruedefender.com/ Name: _pubcid
Value: 11e1ba2b-7787-4797-8f88-9b22cdc75145
thetruedefender.com/ Name: hb_insticator_uid
Value: 1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
thetruedefender.com/ Name: ucf_uid
Value: 74b6978a-9964-488a-92bd-aa4c6a5ed253
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AFXrAaTzGI5QEAzV
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s568|YfQL5
thetruedefender.com/ Name: cto_bidid
Value: qAwZwV95cHU2dzR4T1lXQmhnUXRrNlJrV0FucTRkWU9xYWl6ZGVIT2xFeWx1NU5SWTc1a2M5VUJveGNaeFBWUFM2dnlTVU1NTElQMm8lMkI2MGN1QTE0SGpXcU1nJTNEJTNE
thetruedefender.com/ Name: cto_bundle
Value: Y490n19BYXVwQWtOQnp2bTIwSFVHM1E4JTJGTlRiTCUyRlNiQnhFTTNkRW9vT3ZlQjFxTjVQYXU0VFlmSnJkUmZVblh6OUVTbm92Z3ZPOHFwUXViJTJGUTF2ZlJWd213dEdybjluN3RhdlVMaWRlQVJKRlhacTk2QjZmJTJGdmJnOUhuUUZXMlJDS1Vo
.aralego.com/ Name: sspid
Value: 74b6978a-9964-488a-92bd-aa4c6a5ed253
prebid.a-mo.net/ Name: __amc
Value: 1_1643383777_1643383777
servicer.mgid.com/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
.mgid.com/ Name: muidn
Value: m0sBZh2O2Ft7
thetruedefender.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1229463%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643383777873%7D%2C%22C1229983%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643383777685%7D%2C%22C1229464%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643383777681%7D%7D
thetruedefender.com/ Name: _lr_retry_request
Value: true
thetruedefender.com/ Name: _lr_env_src_ats
Value: false
.rubiconproject.com/ Name: khaos
Value: KYYK9R90-11-D4UO
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3+ODadgLOcD+bASkO6QPb7E03ikE5KqM2Ac5uHgCNHvlA/CcwBaJ2At5VzFyCJM1fzH6Xl1jf532jYHTlS9mMv/Snpek2glW2yqVI1k5poNA==
.adsrvr.org/ Name: TDID
Value: 12e991e3-eff2-4023-b408-14a8da9c2828
thetruedefender.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2212e991e3-eff2-4023-b408-14a8da9c2828%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-28T15%3A29%3A39%22%7D
.adtelligent.com/ Name: vmuid
Value: f1e761115bb78e79
.thetruedefender.com/ Name: panoramaId_expiry
Value: 1643470178998
.aniview.com/ Name: aniC
Value: 1643383778975-922024128334-008896-011-004958
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: d9cbfbde-9d3f-531c-8288-29c6e37c2225
.betweendigital.com/ Name: ut
Value: YfQL4wAA-gAtDI5mETYNZs_qRbM2QBopiBIXcQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.casalemedia.com/ Name: CMID
Value: YfQL4.aFaJRH5L7u-8nPNQAA
.casalemedia.com/ Name: CMPS
Value: 3194
.casalemedia.com/ Name: CMPRO
Value: 1197
.acuityplatform.com/ Name: auid
Value: 643277099282
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBPygpZn2CmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT8oKWZ9go90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.owneriq.net/ Name: si
Value: Q6966701791962654085
.owneriq.net/ Name: p2
Value: cc
.doubleclick.net/ Name: IDE
Value: AHWqTUmbFi-hnhUDLy5lG0Ew-3VPbP0oLfmDDSVFmoRz79HzDYGbJA5gFpcf1OhwyfE
.mathtag.com/ Name: uuid
Value: f63961f4-0be3-4f00-b0ba-0f24ee96f431
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfQL4wAB9ibh5wBB
.aniview.com/ Name: 2_C_42
Value: YfQL4.aFaJRH5L7u-8nPNQAA&1197
sync.aniview.com/ Name: 2_C_42
Value: YfQL4.aFaJRH5L7u-8nPNQAA&1197
.yahoo.com/ Name: A3
Value: d=AQABBOML9GECED9RGnYXiglD0-9wa9WwTS4FEgEBAQFd9WH9YQAAAAAA_eMAAA&S=AQAAArJYSy0IPlNlrLhIE1abCE8
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQ0NzM2MDO0MLewMLW0MLEwNRPiM9QN8s73CTTOdtPNKykBALMELzslAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJsbGFsbm5pbm4KAHbazBcQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQ0NzM2MDO0MLewMLW0MLEwNRPiM9QN8s73CTTOdtPNKymR4jU0MzE2tjA2N7c0NzcFAHb3Xro0AAAA
thetruedefender.com/ Name: hbmp_cap_h
Value: eyJhZHRyZXNlYXJjaF9ta3AiOjF9
thetruedefender.com/ Name: hbmp_cap_d
Value: eyJhZHRyZXNlYXJjaF9ta3AiOjF9
.bidswitch.net/ Name: tuuid
Value: ef4096a2-4bb9-4f99-991f-439b80106b4c
.bidswitch.net/ Name: c
Value: 1643383780
.a-mo.net/ Name: amuid2
Value: 0c3e4975-716b-45f0-a3af-2a59f0fb5469
.bidswitch.net/ Name: tuuid_lu
Value: 1643383781
.lijit.com/ Name: ljt_reader
Value: 7d794016c1f5a6268cb4db34
ex.ingage.tech/ Name: instUid
Value: 1b8a5704-afce-4c1e-a1a7-8cf7c3f97d21
.casalemedia.com/ Name: CMST
Value: YfQL42H0C+UA
.admanmedia.com/ Name: admtr
Value: a61817cdd6590422378b5f3d52977c6f40ad0c0c
.adnxs.com/ Name: uuid2
Value: 3796705460992062323
thetruedefender.com/ Name: _lr_geo_location
Value: DE
.quantserve.com/ Name: d
Value: EHkBDQGnJbjvsQA
.quantserve.com/ Name: mc
Value: 61f40be5-39b2f-45f46-62dad
.simpli.fi/ Name: suid
Value: 4F7D744E5D7D42E09126AF6DEC07E1AA
.zeotap.com/ Name: zc
Value: 07b200c7-58cf-4604-42ec-bfdfee9f50b8
.zeotap.com/ Name: zsc
Value: %E2%DA%0F%A39%81m%F0%E0%DF%C8%3F%08%02%B0%D9xW%F7%A3G%E6%16%CCX%E5E%5D%AC%14n%E2%A8%E9%B6%D3%3D%99%60%1A%2A%19%F65%EEoB%0Ea%E9%F25h%E6%9D%CBq%9F%E6L%89%B6%D7%B2L%07%C3%89%BA%EF%CA.w%FF%EDE%82%24%08K%D2%C8%F9%DCu%19%26%D7D%15%F0%12hk%BB%9A%D6a%7B%A6ba%2337%8C%3A%BC%BF%A8%E71l%DE%BB%0B%82%E7%7D%A8mK%BA%26%2F%1C%9E%B7%E7%8C%9C7%BF%16r%94%2F%FB_%05%06%2C%3F%F2%99%24%97%C8%1E%1D%FF8%2C%04%AD%B2%F9%B6%A33%FF%B3A%8F%04%CE%06%BD
.richaudience.com/ Name: avcid-zeo-uid
Value: 07b200c7-58cf-4604-42ec-bfdfee9f50b8
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjAwsW_t5-xOhAFOAFaBzJ4bGdyemxgAg..
.admixer.net/ Name: am-uid
Value: 24733c9b3ed74358af68dc07cd252efd
.tapad.com/ Name: TapAd_TS
Value: 1643383781344
.tapad.com/ Name: TapAd_DID
Value: db326c28-f13c-4d7e-a0f5-e0eb44acfbff
.adfarm1.adition.com/ Name: UserID1
Value: 7058279594180081808
.eqads.com/ Name: EQUser
Value: UID=779160fc-4ea5-41e3-807a-dedf978e115b
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.weborama.fr/ Name: AFFICHE_W
Value: MfN81wfualQx42
.demdex.net/ Name: demdex
Value: 13068121332584453220933003663617746640
.tidaltv.com/ Name: tidal_ttid
Value: 5b92e16a-2a44-45d6-8344-95e6cff4ad66
.theadex.com/ Name: axd
Value: 4284318869488031246
.theadex.com/ Name: tis_XQL
Value: XQLeAvAv
.dpm.demdex.net/ Name: dpm
Value: 13068121332584453220933003663617746640
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA0tDK0MAIA1A5ySgkAAAA="
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.aralego.com/ Name: gdpr
Value: 1
.agkn.com/ Name: ab
Value: 0001%3A%2FYO6saHHQXAUaZmdqVZoOAJs7lI4%2F1B6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4d6f2e26-052e-44cc-7cfa-371200ba887c.KmQ1wfoEEHCH3YoGeC%2FklKNtiIF7jJMe%2FI3kXtcI7eo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-4d6f2e26-052e-44cc-7cfa-371200ba887c%24ip%2484.19.175.183.lVKrCyx0Yr81EhjMRZz6Ye0bDp4yOEepWq2fLSTaEmo
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.turn.com/ Name: uid
Value: 4403300313697522900
.casalemedia.com/ Name: CMRUM3
Value: 0a61f40be32760643277099282&4961f40be405a0&2861f40be52760779160fc-4ea5-41e3-807a-dedf978e115b&3961f40be327601976306187885984856&e661f40be32760&ce61f40be305a0&2761f40be30b40&8261f40be4a8c0&5161f40be52760wpJSXMTBUV3ZkA0KxsUZXMHFAF7ZlQYMlcfbqjWf&1f61f40be305a00&4161f40be505a0&9861f40be505a00&2d61f40be32760CAESEHwyogsxmYIS72r7D9DqkFc&c461f40be405a0&0361f40be52760f63961f4-0be3-4f00-b0ba-0f24ee96f431&5861f40be405a0&7b61f40be52760TW8uJgUuRMx8-jcSALqIfFQTr7c&f161f40be405a0&5a61f40be505a0&0461f40be527604403300313697522900&b061f40be505a00&2e61f40be405a0
.krxd.net/ Name: _kuid_
Value: OoPyLVn_
.fwmrm.net/ Name: _uid
Value: "eb82b_7058279594172748823"

8 Console Messages

Source Level URL
Text
javascript error URL: https://thetruedefender.com/trump-declares-he-will-get-back-the-oval-office-in-behind-the-scenes-video/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=88' from origin 'https://thetruedefender.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=07b200c7-58cf-4604-42ec-bfdfee9f50b8&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=07b200c7-58cf-4604-42ec-bfdfee9f50b8&reqId=f173655e-624e-4d6e-54fa-d5e6e211a020&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=27d45916ff1f43e009521d51db87ae96
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adservice.google.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
atrack.avplayer.com
ats.rlcdn.com
auth.instiengage.com
b2c.insticator.com
bcp.crwdcntrl.net
beacon.krxd.net
biddr.brealtime.com
bn01.er.bemail.it
c.mgid.com
c0.wp.com
casale-match.dotomi.com
cdn.aralego.net
cdn.mgid.com
cdn.syndication.twimg.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
ce.lijit.com
clientcdn.pushengage.com
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
cms.analytics.yahoo.com
confiant-integrations.global.ssl.fastly.net
cs.admanmedia.com
d3lcz8vpax4lo2.cloudfront.net
dashboard.insticator.com
df80k0z3fi8zg.cloudfront.net
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
event.insticator.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.optad360.io
get.s-onetag.com
ghb.adtelligent.com
global.ib-ibi.com
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.e-planning.net
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
js.cookieless-data.com
jsc.mgid.com
lightboxapi.azurewebsites.net
loadeu.exelator.com
lockerdome.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mcd.ex.co
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
p.midserved.com
p.rfihub.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pbs.twimg.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
platform.twitter.com
player.adtcdn.com
player.adtelligent.com
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
premiumsrv.aniview.com
product.instiengage.com
ps.eyeota.net
pubads.g.doubleclick.net
public-api.wordpress.com
px.owneriq.net
research.adtelligent.com
rtb.adxpremium.services
rtb.openx.net
s-img.mgid.com
s.amazon-adsystem.com
s.e-planning.net
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
servicer.mgid.com
signal-beacon.s-onetag.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.aniview.com
sync.aralego.com
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
syndication.twitter.com
tag.1rx.io
tag.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
telemetries.jeeng.com
thetruedefender.com
token.rubiconproject.com
track1.aniview.com
trc.taboola.com
u-ams02.e-planning.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
usermatch.krxd.net
users.api.jeeng.com
video-native.mgid.com
video.twimg.com
www.google-analytics.com
www.googletagmanager.com
www.lightboxcdn.com
x.bidswitch.net
api.rlcdn.com
dashboard.insticator.com
global.ib-ibi.com
sync.go.sonobi.com
100.25.32.111
104.111.215.191
104.111.242.53
104.154.142.214
104.17.119.107
104.19.136.78
104.244.42.72
104.36.113.23
135.125.163.79
142.250.184.194
142.250.186.130
143.204.215.41
143.204.215.96
147.75.61.140
151.1.205.165
151.101.193.194
151.101.194.132
151.101.2.49
154.59.122.79
162.210.196.208
168.119.79.223
169.197.150.8
169.50.137.184
178.162.133.150
178.250.0.157
18.135.59.14
18.156.0.31
18.156.181.30
18.196.230.57
18.197.18.139
18.215.193.43
184.30.24.185
184.30.24.198
184.30.24.241
185.184.8.65
185.29.134.244
185.64.189.112
185.83.70.67
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.23
192.96.200.41
193.122.174.27
198.8.71.128
2.16.186.146
2.18.233.201
20.40.202.0
204.62.13.72
205.234.175.175
209.54.180.3
212.82.100.182
213.19.147.42
23.37.42.132
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
2600:9000:2057:8c00:10:3422:3f00:21
2600:9000:2057:9400:b:6268:b880:93a1
2600:9000:206f:6c00:11:a4de:2580:93a1
2600:9000:206f:9a00:a:cbb7:a940:93a1
2600:9000:206f:9e00:6:b871:4f00:93a1
2600:9000:206f:fe00:9:78a:e540:93a1
2600:9000:214f:e800:1c:386f:ec80:21
2602:803:c004:200::141
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:1ab3:789:1032:20e3:21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700:10::6816:38ae
2606:4700:10::6816:b7
2606:4700:20::681a:467
2606:4700:20::681a:8a9
2606:4700:20::ac43:4551
2606:4700:3032::ac43:c67b
2606:4700::6810:4da5
2606:4700::6812:272
2620:112:f006:bbbb::12
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1288:80:800::7001
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:400c:c08::9d
2a02:2638::1c
2a02:26f0:12d:495::2c79
2a02:26f0:6c00::210:bb91
2a02:fa8:8806:20::2010
2a03:90c0:41:2801::254
2a04:4e42:200::300
2a04:fa87:fffe::c000:4902
2a05:d018:24:b001:c5b2:6467:3d71:6a2f
2a05:d018:d29:3601:6c4f:4351:131b:c252
2a0c:5c81:5142::2
3.121.27.153
3.210.11.204
3.216.55.148
3.228.133.61
34.120.247.19
34.149.20.76
34.196.151.221
34.203.184.171
34.254.143.3
34.98.67.61
35.186.253.211
35.201.81.244
35.227.248.159
35.244.174.68
37.157.2.237
37.252.172.123
37.252.172.36
45.133.44.3
46.249.52.249
5.178.65.245
5.178.65.246
5.178.65.252
51.158.28.82
51.178.20.140
51.89.20.86
51.89.9.254
52.200.158.235
52.214.105.43
52.223.40.198
52.30.14.23
52.51.91.44
52.72.173.84
52.73.58.55
52.94.222.140
54.174.249.39
54.194.244.117
54.211.161.228
54.236.184.123
63.251.114.182
63.251.86.51
63.35.242.195
65.9.61.50
65.9.61.80
66.155.71.25
67.202.105.21
69.173.144.138
69.173.144.165
69.173.151.100
8.2.111.137
85.114.159.118
89.163.159.102
96.46.186.57
99.86.3.24
99.86.3.46
99.86.3.99
01657a9b73f39a991be89803d04c0d1c066a76d3c0ee9c82dc51a837d93693c7
0168bb2cdfa0702afab8cc44da19d1386f30604166c8a48ef5d24a04ffe00555
017241b95937b4c9c966481ffb887262369a10c4cb79127f1970c4f1d75202c5
026fbafe97b76ac68a95c9343184354a56815ca8ed2321f9dc3e3eb79ae12503
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
037e5f9841488d1905f7ec4c18c9b2a93f0d1f3ffba7997fe9c882df77d2cae8
038e0bfbcb0a59fb7cfd2db67302ff66331bd04fbf48eda0a8e18f933af086f7
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
07a04484b5cc7e5f3efd517ff33e622694077bb6089bac91d97c493f7a546c6a
07b2a5952f2c02d8fb6debf250494c3e849a3ffad851c8d5f6a37e3746e640a4
0a365f9f1d59699b3e7ea58fb612f1180caedca058cbacd853a271d00dda26c2
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0cfbfc0d9fe0600d647a64851e8e265956520dd6df3fae27e17566784ff1e5e4
0f11ad1c6d42e23c2c3293d3c0435b19e924cadf8f6c13f638fd4c4c8d806b93
0fd1fa7dfa8dac74e2482bdc033c7cf06f9aecedd7e0db1fbe06f6d4ee2206b7
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15e6ec0e51de1768c9cc488c8fe4ad9cc6f6673fde8e0055f909ab8d463fead1
16e834b5ad20a091f05e1f51cfeacfbb7b1496f6562ec40b07d36f3bdcd1cb77
16fc151f4a7be3c0d2f3f34cfff7122ac2263d53c2002fc5b593826b56febc25
1750ffa3cf77edc848ddb2839c6b6ac84c20797f45478ad876b817053a3637b8
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
19b01489181e7254d3b4d0885952d0d186f114c3bf69357b14db40851f7f52be
1a0dc0455fa0ad7e7b19040f43ab5f293d566061f272413b184c0afc81b2bb05
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1bfc0e8a0e8f9a1a8ee53f79b44b56bfd32b5694707da704851c10fa42cdf74e
1c5ea15becf5b0063dbf7115a802701a0b96f3d3907608b37732922d235b1420
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
22448c11de6d605a9fa82f5dbe715a8f0af2f564c73991508ef36f46b42cd4b4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22dc09e053641dbee00b20cf2894802b3a119e99d568ff099e7c6b413a85ba38
22fdf0a65568bccc357d5d8e80fa8dab259d5b0639e37851de52a86c7d6f4099
2398c89ce7ee4d52d77f51630691eb907e058826b460618187ba964b66158e5c
258c3c8991ced4ff294714e8e52d949478b0e181adc508824e00b439e16b8921
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2796cb81db5dfe7e8e5419d648847c3eea543a3ea4629cc4291c20372ff3f854
27bfde2b2355e6bb1f23a72077664fb6ad10ade6672d7d22f088a40b0647dd16
291afe191e5ef35c94a88f71577db71cc4b3a5c67d4f60544e1443f3dd655455
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f13d9703703cdf9f6332b5799247473ee00d4811262873d2be07704c32b9df2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd05863522b536607f8b669ad1ebe934ad487cb8252a4f6bb9f44931681cbd9
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
308dbcf444d926685b9884dac13aeca7818912ff2b8f0a92f6a812822765244d
31d48ca7779881e669af8d6f4801888f6b8dcf5288aac7841592daab103c82df
3337b83030e668b00d5b8461d6af582dcbbe7bde43eff3ec29fbe38f926f86d5
333ab01ba4a78781f3727d56490c0fea816b40611f1147c1f5bbf66463eb2afa
3427b69a7a53aaaa1b70f0bfd45fd171c0b73d5cdaa8200696bf5d1d1b3a9626
35581a9416646b699df1f06352c22577ecc0bb54d95761390c2657b1869ececc
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36924f7449ae9cf1935fdba5aa63868a40888c8a1d92157d1fa64cdf005df47c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38f5195c6a416a6cc9abd237ed7159ba4b742913d96adee705a529902326c966
39bf3132e2fabc60aa1f623f10b7bb91ccef477653ec51291038f1c2a22c8032
3a837873b3c174524e190a4c9a9bf52379cac4d2822bb5e524c60df2d9d15abd
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c2e5699107fa0b132e8d4687ad1e49fe379cae31e755dcab3699ada9784efab
3ca8f5174ebdece3fb0af0617860698db936b0cd3865539cdca18dcd6e9c859d
3d132676024fc1ef7dc944f4fdce0c538870c9520b239b888cbf8bc45af72014
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7b05c50230e732d6387e17fc86069e3e964bddf59d4f1b42307a5121d315af
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3f6da9c70b75e5a8bfbe610a00668f6409c7b54fba87c4ce7d072e7db04c18fd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
426d6e20ec0817e2d1c0abcef3253772bbe48029c650bfa12c2ef893f7d055e4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c0313ee010b4ebfe8165b29eaefe1f6e3b94f5c83a2399e8ec5933fccdb218
45a33e9a61d7debade9c9b8088f5961f2e180f5952c848e7d580ecd4845c944d
478072a2ee372aadee16c38a9cf400be2abbdb6b7909687d57145b5c71ff860d
47deeb506a352e55708a5bb1b0def35a9287d3a2c6db11ff6570ee48a83195f1
481f91bab5bfe29d46a7c0890dc6d1780018692ef4920bf441db8b18698700a1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494edf497df9401c276fc7e9588a71fc979845e88347ec3de41f966213cf2498
4a09293cc6ed3781f2bd224cb4ff8c200c19ca350fdb0415f92336d5bb1e74b5
4aca4d3149a1233c13f275382b65adf32cef5a228098dbb01d2d5cd601b9dd1b
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4b6c4074f314ea6d35b79c35225c6c12eba58fb5ba61e332fe87eefef3717554
4b915656b49e6a8400f899665e1a9b6a1841f32a8b1917e189e05bafff099fd1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6cb0f5e2652428d28bc89a7ee2bbb5bff7f695539f18b381b1ce1421691737
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f594de5c03b965e557e6372080fe22219f5e294dd3fb70b06a173644c967eae
5212f06b3be2f079f80bc49be0e9655b65784c3c8e17734ecb9771ee25f227e4
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
551a970dcd88f5f3fb322111523dbd53debd6b59597f3dcfaa58f06b4a14b90f
5707d638c113e28223ec358a3b0728fd07301a558b2715c5bcacdf30c1c8b48d
5719f3b0da9be57fe11540c4538089a43fd8e59fa796eccf48f63ce7157f8b9e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57
5ca6d957f3e42bc9830720c7b0cad4721ba013fafe0cd396621d43faacd3a553
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5d9880e11f1146f12d4ac5114b1a4aca4c9244275560557addd1126aae5fe074
5eaddb09f331de307e587736737c57d129e68160aa2f6bab695635d054155ec2
60eaf34b112ae7f2606a717731dc9fd905678371d93f57e20930163e214fda66
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61a4c699513f6f55615aefdd25e0aea5416f0cee4d0516c527874792fac3011b
650f2ee76b851b98068fb97f4d7fa8391521044e301472433d17a28fb210c1eb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
677a1167be22cd72880eeca998e56e35417e6a12dbc2925da6f33b209d0bf77d
6793259f91c9bdfa8fb906811787c04cd02563117968cfa4754fd654c8af197a
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b42722f5d2b2e6ea23088c2a64cd0bf3911138aec45b66cbc30573a51c141b0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7f4dba533725a91f82dd10ef281346ff02f90971233053d622e8feac4cd284
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6e1bd4da509772fc979984d55f9887d457270eb2d731dacd4a8519270a3579f5
6ecde17c0911942e87d2bc095369d4e70e4ac05221eae9048bdcee41527bb59d
6f3d43ba1fa9260111e1537962c6899697e6bff8075bc76ea390d19acba904dc
6f6eeba7d41a74f215acdecfb35980cdf37fbba10119b999992fb4f79e9cd16e
70695a3e0983b65ad28774ef984c9705ebd638685a57fd2b8e55878549da657c
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
741b47c86e8a6bc8cf9caaaac1d725c79c5069798a7ec6e8017e44da14f44441
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ac931be8317ddd557641b52071fba107832e8ea03d8822c32b30693eacffc17
7b8d1e652bf7c392a03eafaf70608139dcb4b37dc216e0ab9d3edc4b20cda016
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7df0425a4380db28a41c5f8693008a1024f8ecba1d313f4719ada41a697f78fc
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
81b68c553a97401129e597cd3d54cf6c3d12b0d3a74b1ff15bdd93a427489f23
81d9df15acc855bbe6ac4816da7f471c24225fc58d96a297691cd722e9aaa26a
822806dddfbfc7cb730fad30f900b7cc51260862ae7a1fb0983a3f490c531e0d
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84b3d6488519c50fdb37ada97d2a0f82fdd40f0971d3509b1853e4ccd9e1e259
84ce7903d938e7354183e90e6494a5f52749f8fb7a6a432224b87df818919db2
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86abf8aceab9708122d9ec56f1bb32199d2b7af7a567787e875cdb56e3e6a6d4
86d06f0e5f9de695408914746ded8bc3455d103eeedcc157750273d2d3ab6c0a
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8ad99c86048e1bff5d9e40af7c49a1ef48fa1e0d6fa92558b49cbe3180c90ca4
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91418ae747d2d16ee1ec7c9a68b657ee0d4e2d7e96159551a163ba775f2f2ec6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6
95622daa4e89cb367af0f161d510f9394cd8b1f78daf81d53967723d8f3f7803
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
962ad038354035ffa7514c00b09391bb845c71748414018801d8b0710e5a13a7
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
98cc93dfa2223c4aefeba2217ce8d74d80d6f3ac3c2a530457a0864fac3a202c
98e1b2ca89e7684e9db31756151917bc07e80785dc1afa769dd3e6dbd7ba90af
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9aee4def5d16d6fee114ea61f044eae9bbc4d6b6efce612aec62cc742c296180
9bcb2bc1af3cc54dffaac48a9a223f52798ae734db69e29584b0d14dd59fb110
9e48d3159e8d38ec9776c6903724d76f1f3672895b221877c6a64fadd8eb779a
a02302fbd7f869939eeeaadc95a84549885ff57f68c67c1517a6ff05fe7cd5ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc6696aa07f6d30c40b78120630256a4dc0253fa916d6f8662874c52c31bfb
a502b8c6ca98e6a37c9f5888bb0ea36d3424d09f2f7c78a5d41da31fbb4f120b
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a75d398625683f08bdbe2c157bfeb05a55749cdfe049b8126c91342339df28b4
a8d9e93e9a9f04ec038135aa48b5db7ddad679d94a7d7442cbf94c1be1b0e165
a946480e563b4957a28f87b3255f394285a51de6b6a94616262a25b163ba3651
a9c2e9035ac72edf0f88f673b88f348d0708974ce3eef28dbe8b2ef7a6f53bb1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2539f6f9db483523855e6d68398dae5941fd59c5996bf93043abdc91b320d25
b4dfad2752081001e1a24e4b2ea9e5038d31f6779a1bb4a0967abf956c223f17
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba49e63a1d2bb341e32ece3dd7a19990dc507078f3099227c7723e3165c4d14d
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0
bb6bd69700e21a8f9bc89da3eb5609dc34ebecaa70165a66771e04fbaa369131
bbb5793911e601330153418c841cc86a73e0018eee5887ccf121c9ded7cee53f
bd43496b79bba1754c6b9438e74fd1a181dd09d82a68af1e67759aa021377ff5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bedd10f103953e50d361e75843eaa308a4df7c7f4ca11880755fa803d9f521e1
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
bf9914de0e14f76ad19382ccdc1e33dca7f3978965c9d68b6c4156b882b4c317
c145456f029f577a7dc1e9e95c779a3eeb22cdd8b31aac30f350beb35284b74d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3372afc57b6c3cbc817b01d0aa4690b372cb55c6021266048ebef5141fd87b3
c403acb3b2ea1ce34e2414bb18c6b81954679799a85e61fc9a3db83c3053ac92
c49cfd9b52fd2fdf42d94fad0e335d7da0f78413ce69efb6ae1a38fcee5ec45a
c4e35dcfbc24e7fd225de7b09fd4754331c2811697a2840ae937abcaf89aa2e3
c50be73ac605b62267126025fcebee57825d40a33ab06228762f233c84d231b9
c515b5fdc20c956475a0935c7928cec89341303c97c9f3a09c7ed6c5f5c4f420
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c749074cd657346d5e898b8fef7b515827d911da5f38de1f5c8bb13e4e7d46e3
c799c739ee0a2e2cceb8dcccd08ee83877d075c990d2e27e28ed332887396dea
c7e02db6ee7d5cd8c3496675ff1c974da201a4241630c4885ed1126a6b807a18
c7f7de172b782e8bc7432f984a695cbf698020eb3a465bf92d32637c9d6faebe
caa46a0a5ac5d29e7af5437c5c57c2c67bc7d8873a38d0e364aa987824342c20
cabaabab26a777959cb28bc1460c059ba210a37745cb57bdc3ddca2f28955c6c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc9646144f055f8efe45bc8fcd88327a4f868b7d218632fa2bf062c3a626e33d
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64
cdce7efb7e2f61fdd06672e77df88e2346b564de2603a29fac193077bafc59ec
ceec937766f402ce18c6de4f042cde8f4c09af0a7099a6ebe894c58eebcba706
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cf59871c87ce926991eb9b430d0ed68972fab10078e539342186fb4986066c6b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d383a610f1e010b5be032d8b11ce1ba9ccb749ed15a8d347d93c1ba65602b409
d3bc027c19269284918237e537c45d8cfe0fc41c60dfc9b6c893ff64cb840135
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d5a6954f446213b7bdd1e136c742c00bfd95519fd6fdfbc53ca0ba17e8eddef6
d8501bc0d369949c01cd9320b8e4988fb7425ffb1a75a4c7648477f2eb53d13a
d8fbf31541c3099bd574dcaeb85ead7f79f6fcb362ce6be2c83d3545afeea6c2
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
da7f6a86c69ea3d3fa60685105b5c2f5a483c6ba90067a35b46c490760510f6c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd5d085f050e90594fc9b68dc9d42e7f3027a00226375051ece2d147af161931
ddba7b3acd2ce7071f8d8857b8e19b2ab906d6b8b059c745d1c3dece93cc20e3
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df4c43b9c88f5faab598e24d7573dc3b735e6084f8e605470e349b3f50f8bad3
e19e8fea1a7b7f8061ff8e32de4190ce124f06da1fd14a87df0043089b1233a7
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e33de2aaa29c4900991945afe4192894608c457c95ca3a0e31d7d88aea0150cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e5605b2b34cfd77cc5c5d2672ac1cac148ff02260b0fdf8a4ea9ca775f7bf250
e68768aae27ceca7545c18cfc00a6ed91bb4c4e9571f2a1d443fb8073a42ca13
e6e1f3e5e9d2bbde9dc7dd18394c3edee9841d732c032f54d3f3e992227245bf
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ebbca5c04f7eff6128c2b33ce2535842875a959a165d796b6ee2150a6e4454ee
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
eef58ed9ddef3f153023ead880f7dea7fa2415a15db8d387eb19a01f7faf79fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f18d31f8608c7b3b841fa0e80c2672852a129de6e143fd7a3e10c13c62768cf6
f1a034cb9ed52d9ef0c335c10420a7349c41b3019cbc2c4584a46e4846e90ed8
f1eb5d019483f7e268e91b4b0c0542bc9f57c2f9bb905db1b9fcbd53be7d739f
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85
f2f3856103d86fc6f20acfd5549e4659b5be3212b9c7f3edef7c494bac0a30a9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5fbe9ba88d92aaa1bd6b215881e3a4e52ab4af2138d1907c2b84d28adfbe487
f823ef4f6c185d8b947f81f6908f0c8bb8758a96fb5417cc1cdef669fa7f2664
fb1d5a79b0aff9e639d8e279ad9eaf9000d9aaa35fbc2580aaa496abbdf03fbc
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fb9c9fdd563e6bc5e905c33640c6ba9c7856e123882d3fb2c5f10745e965040d
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fd25aad2af9ced8ce9fd771409945a27963a7519016f30679300b4bcede59e9a
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fda5df47ce854e84a113fbde5271b6783a95300b42520c8ec797c6afddfdfc8d
fe9c44485e4a7195e3fbea041f6550ae1360643c7ba0a64c3be6d59e0263226b
feaa1eef5e364b26b1989fb6160957c5540d127ad1a28bb904e9b844a82885c8
ff033508b8624a0129f8ea258ac6173094026133ce8bc8a33aeb7bddcf7ab33d
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c
ff7907756bc34cf4ff2d93563f28451c1eba274cccc6cac66b00d9784c300e11