urlscan.io logo urlscan.io
SecurityTrails logo

resistthemainstream.org Open in urlscan Pro
2606:4700:20::681a:256  Public Scan

Go To Rescan Add Verdict Report
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Submission: On February 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 13 countries across 82 domains to perform 305 HTTP transactions. The main IP is 2606:4700:20::681a:256, located in United States and belongs to CLOUDFLARENET, US. The main domain is resistthemainstream.org. The Cisco Umbrella rank of the primary domain is 408345.
TLS certificate: Issued by R3 on January 17th 2022. Valid for: 3 months.
This is the only time resistthemainstream.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 68.71.249.118 20093 (ZEROLAG)
13 104.19.133.78 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 35.190.62.199 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 104.154.142.214 15169 (GOOGLE)
1 89.187.169.47 60068 (CDN77 ^_^)
1 2600:9000:215... 16509 (AMAZON-02)
3 2600:9000:215... 16509 (AMAZON-02)
1 4 2620:116:800d... 16509 (AMAZON-02)
3 3 185.33.221.89 29990 (ASN-APPNEX)
3 3 104.36.113.35 62713 (AS-PUBMATIC)
7 8 172.217.18.98 15169 (GOOGLE)
1 7 185.64.189.110 62713 (AS-PUBMATIC)
1 3 185.64.190.81 62713 (AS-PUBMATIC)
1 193.122.128.135 31898 (ORACLE-BM...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
16 104.19.135.78 13335 (CLOUDFLAR...)
1 2a03:90c0:41:... 199524 (GCORE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 151.101.130.132 54113 (FASTLY)
4 35.172.57.251 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 34.194.95.81 14618 (AMAZON-AES)
5 34.232.190.145 14618 (AMAZON-AES)
1 52.206.128.29 14618 (AMAZON-AES)
12 2.16.186.139 20940 (AKAMAI-ASN1)
6 45.133.44.4 39572 (ADVANCEDH...)
6 2a0c:5c81:514... 55081 (24SHELLS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 185.33.220.242 29990 (ASN-APPNEX)
1 185.83.70.67 55081 (24SHELLS)
1 148.251.121.152 24940 (HETZNER-AS)
1 178.250.2.131 44788 (ASN-CRITE...)
4 185.64.189.112 62713 (AS-PUBMATIC)
1 2 5.178.65.245 50673 (SERVERIUS-AS)
1 2602:803:c002... 26667 (RUBICONPR...)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2.18.233.180 16625 (AKAMAI-AS)
2 7 2.18.234.21 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
1 216.52.2.30 30282 (AS-INAPCD...)
2 213.19.147.43 3356 (LEVEL3)
2 45.133.44.3 39572 (ADVANCEDH...)
3 52.59.123.232 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 2 209.54.180.144 16509 (AMAZON-02)
4 5 3.33.220.150 16509 (AMAZON-02)
1 1 52.71.142.200 14618 (AMAZON-AES)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 34.111.151.213 15169 (GOOGLE)
2 2 52.58.249.203 16509 (AMAZON-02)
1 54.174.213.70 14618 (AMAZON-AES)
1 69.173.144.139 26667 (RUBICONPR...)
1 69.173.151.100 26667 (RUBICONPR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 54.36.109.46 16276 (OVH)
1 5 185.29.134.245 30419 (MEDIAMATH...)
1 2602:803:c002... 26667 (RUBICONPR...)
9 142.250.181.226 15169 (GOOGLE)
1 88.99.219.174 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 4 144.76.91.199 24940 (HETZNER-AS)
3 37.157.3.28 198622 (ADFORM)
20 37.157.2.248 198622 (ADFORM)
1 88.99.65.215 24940 (HETZNER-AS)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 2 37.157.3.30 198622 (ADFORM)
1 1 178.250.2.151 44788 (ASN-CRITE...)
13 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.180 1299 (TWELVE99 ...)
2 2 185.29.134.244 30419 (MEDIAMATH...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 151.101.2.49 54113 (FASTLY)
1 1 54.166.244.71 14618 (AMAZON-AES)
1 1 23.88.75.188 24940 (HETZNER-AS)
4 4 54.247.43.164 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 199.187.193.185 47043 (SMARTADSE...)
1 72.251.245.181 29791 (VOXEL-DOT...)
1 157.90.212.181 24940 (HETZNER-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
4 4 213.19.147.44 26120 (RHYTHMONE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 94.23.171.206 16276 (OVH)
1 1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.193.44 54113 (FASTLY)
3 3 146.59.148.16 16276 (OVH)
2 2 52.17.84.146 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.122.14.34 36351 (SOFTLAYER)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 34.196.42.166 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 34.102.253.54 15169 (GOOGLE)
1 198.47.127.20 ()
305 97
26    2606:4700:20::681a:256 (United States)

ASN13335 (CLOUDFLARENET, US)
resistthemainstream.org
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2156:5800:9:d7ff:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.decide.dev
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)
udmserve.net
13    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    2606:4700:20::ac43:4514 (United States)

ASN13335 (CLOUDFLARENET, US)
talk.hyvor.com
2    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
4    35.190.62.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.62.190.35.bc.googleusercontent.com
fearlessfaucet.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2156:de00:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
a.omappapi.com
1    2600:9000:2156:be00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    2600:9000:2156:f800:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
4    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
3    104.36.113.35 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
8    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:9000:2156:c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
16    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
2    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
1    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
4    35.172.57.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-57-251.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:6c00::210:bb21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    34.194.95.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-95-81.compute-1.amazonaws.com
atrack.avplayer.com
5    34.232.190.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-190-145.compute-1.amazonaws.com
track1.aniview.com
1    52.206.128.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-128-29.compute-1.amazonaws.com
premiumsrv.aniview.com
12    2.16.186.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-139.deploy.static.akamaitechnologies.com
mcd.ex.co
6    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
6    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.83.70.67 (London, United Kingdom)

ASN55081 (24SHELLS, US)
research.adtelligent.com
1    148.251.121.152 (Quedlinburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: egon
rtb.adxpremium.services
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    5.178.65.245 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    2602:803:c002:300::99 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.targeting.unrulymedia.com
2    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.midserved.com
3    52.59.123.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-123-232.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    52.71.142.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-142-200.compute-1.amazonaws.com
sync.extend.tv
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    52.58.249.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-203.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    54.174.213.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-213-70.compute-1.amazonaws.com
sync.aniview.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
7    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    54.36.109.46 (France)

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com
id5-sync.com
5    185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    2602:803:c002:300::76 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad3.rubiconproject.com
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pubads.g.doubleclick.net
1    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
3    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
20    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de
cdn.contentspread.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.166.244.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-244-71.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
4    54.247.43.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-43-164.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    72.251.245.181 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    157.90.212.181 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.181.212.90.157.clients.your-server.de
matching.truffle.bid
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu
green.erne.co
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    52.17.84.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2a05:d018:d29:3605:9290:fe02:2ee8:2378 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    34.196.42.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-42-166.compute-1.amazonaws.com
t.pswec.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
36 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 543
image2.pubmatic.com — Cisco Umbrella Rank: 752
image4.pubmatic.com — Cisco Umbrella Rank: 738
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 420
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
simage2.pubmatic.com — Cisco Umbrella Rank: 552
simage4.pubmatic.com
41 KB
30 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8575
c.mgid.com — Cisco Umbrella Rank: 6289
cdn.mgid.com — Cisco Umbrella Rank: 10842
servicer.mgid.com — Cisco Umbrella Rank: 8740
s-img.mgid.com — Cisco Umbrella Rank: 7632
cm.mgid.com — Cisco Umbrella Rank: 2442
video-native.mgid.com — Cisco Umbrella Rank: 27360
553 KB
26 resistthemainstream.org
resistthemainstream.org — Cisco Umbrella Rank: 408345
571 KB
25 adform.net
track.adform.net — Cisco Umbrella Rank: 3678
s1.adform.net — Cisco Umbrella Rank: 7462
c1.adform.net — Cisco Umbrella Rank: 529
195 KB
21 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
pubads.g.doubleclick.net — Cisco Umbrella Rank: 506
72 KB
17 ex.co
player.ex.co — Cisco Umbrella Rank: 9875
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8297
mcd.ex.co — Cisco Umbrella Rank: 10286
1 MB
13 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5338
ghb.adtelligent.com — Cisco Umbrella Rank: 5603
research.adtelligent.com
269 KB
12 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
eus.rubiconproject.com — Cisco Umbrella Rank: 512
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 980
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 935
beacon-iad3.rubiconproject.com — Cisco Umbrella Rank: 2658
26 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 736
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
dis.criteo.com — Cisco Umbrella Rank: 619
9 KB
9 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2253
track1.aniview.com — Cisco Umbrella Rank: 2203
premiumsrv.aniview.com — Cisco Umbrella Rank: 11550
sync.aniview.com — Cisco Umbrella Rank: 2314
205 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
1 MB
8 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2834
pixel.mathtag.com — Cisco Umbrella Rank: 1050
sync.mathtag.com — Cisco Umbrella Rank: 387
5 KB
7 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1125
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
dsum.casalemedia.com — Cisco Umbrella Rank: 1042
9 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2775
r.skimresources.com — Cisco Umbrella Rank: 2667
t.skimresources.com — Cisco Umbrella Rank: 2808
p.skimresources.com — Cisco Umbrella Rank: 3600
20 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
76 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31122
hal900018.redintelligence.net — Cisco Umbrella Rank: 230745
8 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 350
ib.adnxs.com — Cisco Umbrella Rank: 210
5 KB
5 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 9150
6 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
11 KB
4 gstatic.com
fonts.gstatic.com
92 KB
4 fearlessfaucet.com
fearlessfaucet.com — Cisco Umbrella Rank: 46225
28 KB
4 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3148
6 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
2 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1400
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
25 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
1 KB
3 unrulymedia.com
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8312
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
1 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1902
mp.4dex.io — Cisco Umbrella Rank: 2329
24 KB
3 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 15547
176 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 2718
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
889 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
848 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 571
match.taboola.com — Cisco Umbrella Rank: 1834
531 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
743 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4441
637 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
56 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 493
1 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
671 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
1 KB
2 midserved.com
p.midserved.com — Cisco Umbrella Rank: 18037
25 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6090
1 KB
2 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 7986
atrack.avplayer.com — Cisco Umbrella Rank: 10473
71 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 23252
2 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
1 KB
2 hyvor.com
talk.hyvor.com — Cisco Umbrella Rank: 80754
5 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3101
462 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
336 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2481
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2152
534 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
518 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
612 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 12245
328 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1613
891 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 4797
280 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5066
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
408 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 535
163 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 516
496 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 911
217 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
619 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393
501 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 46991
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
17 KB
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1545
318 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1410
546 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 696
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5927
185 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7260
794 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1041
298 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 502
483 B
1 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 4876
57 KB
1 lockerdomecdn.com
cdn2.lockerdomecdn.com — Cisco Umbrella Rank: 18907
3 KB
1 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 3977
api.viglink.com Failed
28 KB
1 decide.dev
cdn1.decide.dev — Cisco Umbrella Rank: 41785
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
64 KB
305 82
Domain Requested by
26 resistthemainstream.org resistthemainstream.org
20 s1.adform.net track.adform.net
s1.adform.net
resistthemainstream.org
16 s-img.mgid.com resistthemainstream.org
13 simage2.pubmatic.com ads.pubmatic.com
12 mcd.ex.co player.avplayer.com
9 pubads.g.doubleclick.net imasdk.googleapis.com
8 cm.g.doubleclick.net 7 redirects ssum.casalemedia.com
7 imasdk.googleapis.com player.aniview.com
7 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 pagead2.googlesyndication.com srcdoc
6 ghb.adtelligent.com player.adtelligent.com
p.midserved.com
6 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
p.midserved.com
5 tags.mathtag.com 1 redirects resistthemainstream.org
player.adtelligent.com
tags.mathtag.com
5 match.adsrvr.org 4 redirects ssum.casalemedia.com
5 track1.aniview.com resistthemainstream.org
player.aniview.com
5 lockerdome.com cdn2.lockerdomecdn.com
player.adtelligent.com
5 jsc.mgid.com resistthemainstream.org
jsc.mgid.com
4 match.prod.bidr.io 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 hal900018.redintelligence.net 1 redirects player.adtelligent.com
hal900018.redintelligence.net
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
player.adtelligent.com
4 hbopenbid.pubmatic.com player.adtelligent.com
player.aniview.com
4 prd-collector-anon.ex.co player.ex.co
4 stats.g.doubleclick.net lockerdome.com
4 fonts.gstatic.com fonts.googleapis.com
4 fearlessfaucet.com resistthemainstream.org
fearlessfaucet.com
4 udmserve.net resistthemainstream.org
bid.underdog.media
3 x.bidswitch.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 sync.1rx.io 3 redirects
3 mug.criteo.com
3 cdnjs.cloudflare.com s1.adform.net
3 track.adform.net hal900018.redintelligence.net
s1.adform.net
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 prebid-server.rubiconproject.com player.aniview.com
3 ads.pubmatic.com player.aniview.com
3 cdn.mgid.com resistthemainstream.org
jsc.mgid.com
3 pixel.quantserve.com 1 redirects resistthemainstream.org
3 image4.pubmatic.com 1 redirects
3 image8.pubmatic.com 3 redirects
3 secure.adnxs.com 3 redirects
3 bid.underdog.media udmserve.net
bid.underdog.media
3 www.google-analytics.com www.googletagmanager.com
cdn2.lockerdomecdn.com
www.google-analytics.com
2 t.pswec.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 id5-sync.com player.aniview.com
player.adtelligent.com
2 adservice.google.com imasdk.googleapis.com
2 pm.w55c.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 image6.pubmatic.com ads.pubmatic.com
2 p.midserved.com player.adtelligent.com
p.midserved.com
2 tag.targeting.unrulymedia.com player.aniview.com
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 pbjs.e-planning.net 1 redirects srcdoc
2 ib.adnxs.com 1 redirects player.adtelligent.com
2 script.4dex.io player.adtelligent.com
script.4dex.io
2 player.aniview.com player.ex.co
player.aniview.com
2 player.adtcdn.com srcdoc
player.adtcdn.com
2 cm.mgid.com jsc.mgid.com
2 servicer.mgid.com jsc.mgid.com
2 rules.quantcount.com secure.quantserve.com
2 p.skimresources.com resistthemainstream.org
2 t.skimresources.com resistthemainstream.org
s.skimresources.com
2 r.skimresources.com s.skimresources.com
2 talk.hyvor.com resistthemainstream.org
2 fonts.googleapis.com resistthemainstream.org
client
1 simage4.pubmatic.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com
1 um.simpli.fi
1 mwzeom.zeotap.com
1 spl.zeotap.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com 1 redirects
1 cdn.contentspread.net hal900018.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net resistthemainstream.org
1 beacon-iad3.rubiconproject.com resistthemainstream.org
1 s0.2mdn.net imasdk.googleapis.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 sync.aniview.com ssum.casalemedia.com
1 dsum.casalemedia.com ssum.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 sync.extend.tv 1 redirects
1 ce.lijit.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 mp.4dex.io player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 fastlane.rubiconproject.com player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 rtb.adxpremium.services player.adtelligent.com
1 research.adtelligent.com player.adtelligent.com
1 premiumsrv.aniview.com player.aniview.com
1 atrack.avplayer.com resistthemainstream.org
1 player.avplayer.com player.ex.co
1 player.ex.co cdn.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 sync.technoratimedia.com resistthemainstream.org
1 secure.quantserve.com udmserve.net
1 static.adsafeprotected.com resistthemainstream.org
1 a.omappapi.com resistthemainstream.org
1 cdn2.lockerdomecdn.com resistthemainstream.org
1 cdn.viglink.com resistthemainstream.org
1 cdn1.decide.dev resistthemainstream.org
1 www.googletagmanager.com resistthemainstream.org
1 s.skimresources.com resistthemainstream.org
0 api.viglink.com Failed cdn.viglink.com
305 134

This site contains links to these domains. Also see Links.

Domain
telegram.me
gab.com
gettr.com
www.bing.com
widgets.mgid.com
www.mgid.com
conservativebrief.com
Subject Issuer Validity Valid
*.resistthemainstream.org
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.decide.dev
Amazon		 2022-01-24 -
2023-02-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
udmserve.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
fearlessfaucet.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.lockerdomecdn.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
a.omappapi.com
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
underdog.media
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
outstreamedia.com
R3		 2022-02-27 -
2022-05-28		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
player.adtelligent.com
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-02-06 -
2022-05-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-08 -
2022-12-09		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
p.midserved.com
R3		 2022-02-16 -
2022-05-17		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
contentspread.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 51 frames:

Primary Page: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Frame ID: 04B12E1DDD9253D2B9F3B861441D8297
Requests: 136 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.41220231446729216
Frame ID: 50EFE07570F1688995D96BF6BA1A4FD0
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Frame ID: 0BE246B47C39BBFB324D1D8C67A701E3
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Frame ID: 148924D8DE93451A32E3CE0DD2DC5945
Requests: 2 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: CE811C1D5C7C580D2DF93621BCF3CDCF
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Frame ID: 328334DEEB2E483FF2E9D1885F1480EA
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Frame ID: D89870DFE3D0C8FCDD13B1F2F3DF14B3
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1646075363335141634284
Frame ID: D694F42FD91074C409B1AA80B8A637F7
Requests: 1 HTTP requests in this frame

Frame: https://player.adtcdn.com/prebidlink/457243.15651305555/mgadt.449143.js?domain=resistthemainstream.org
Frame ID: 356CC55392B229A5D7A41F9989EC4629
Requests: 25 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: D65AC582ACACB546F08DC4D74DEF0820
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D1%26key%3D
Frame ID: 2B51C10DF578B1A73ACB94A8E4F64186
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: 1FEF3A73E70EAFFB61CF524C073F8FB3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: A15580844C7C014592870D6696A486C4
Requests: 4 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=376385&3pid=1646075364389-977451507064-006288-015-000776&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: 3237D3EC8EAC4F0EA2F2FB2450346B9F
Requests: 1 HTTP requests in this frame

Frame: https://p.midserved.com/prebidlink/19051/j.html?i=11602
Frame ID: 152B8CB077CD1293B27A712D4C38575D
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 85656DF31410DD5A098D3282C8F18EE9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 962CBD5A6D0F234F0EDDBBDCA497DB48
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: F77C05BF1C802A441439794CDB0EE29E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 7E0D05567B079246FC83DF205F50164B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 1DE927C3857377A3F7E71297535D7950
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C29099069F085B51C42D82633DEA62CE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2B5850DA0485B5EC7D8FAB4DA62AE29E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E2A7F4E47165A5DF972F2558A364148C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F1525E0BD1AE43BAF3E59E87F09D05ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 40DD73A100564642308688461195F350
Requests: 1 HTTP requests in this frame

Frame: https://player.adtelligent.com/prebid/iframe.html?adid=283988f3154bda2&ref=null
Frame ID: D2C40A671F17578A92365F26478CD11C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: 5B782242269163E8C97B391850D732B5
Requests: 20 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT0dabVpHRTFZMkl0T1RZMll5MHdaREF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTk5NzE0Nzg2NTQ5NzIzMTUvOTk2NjQ1Ni8xMDQ5NzQ2OS85L1pkZDNYdjZKZ3NEMmF4TWxqTllMeUlFRlRvbU0ybFpOWVdjZFJHajBlUTgvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU5OTcxNDc4NjU0OTcyMzE1L29yZC8wLzczNDEvMTUvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NjA3NTM2NC8xNjQ2MDc4OTY0LzkvMTcxODQv/UzE8E-0XXgVeOqqQ2YymQRABFdQ&nodeid=2675&group=ord&auctionid=6259971478654972315&shardkey=6259971478654972315&sid=10497469&cid=9966456&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=216.200.232.156&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F
Frame ID: A4A348F0D86BA9B1863E78FDC24CFFE6
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 21A5CF990E5D19C39A71448AC6EA5905
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3796E839732A08512BC8991D78356897
Requests: 1 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=40565800237231804189731011884018&a=1c75cfac
Frame ID: 7A395DC0F8BB6BA6406D5F05C9FF7792
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 966A3D4FB1502BD89B5840A9305C7E01
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10942284/10942284.js?ADFassetID=10942284&bv=258
Frame ID: 7141D1DD3648A965DC54DB9F46BF4121
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=resistthemainstream.org
Frame ID: 337B6E7A0E4B5CABDC62EBB376E2B5B0
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=628DF1EE-372F-4038-B61C-BE7BB7B24661
Frame ID: 06F8D98BB36D1D6C956256F56121D7EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B3F2382619DD9F256B4D0AA9893F2137
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8890840999861779946
Frame ID: D66816385BD6DEF65B3DA87A290252C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&gdpr=0&gdpr_consent=
Frame ID: 3B7C09597FE652D236D7BFC04D1C41D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7069839872328333465
Frame ID: F5A5007AD1102A7D2AD19C620DAC79FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh0d6AAJnSKgPwAy&gdpr=0&gdpr_consent=&_test=Yh0d6AAJnSKgPwAy
Frame ID: E92B42E8C3DBA2711108C0D220132F37
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dY6sS_DMQBhKy2DWm_lbPcEbDgo
Frame ID: 602B245F594E1B642649B91D7DE2554A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 7A3B1CF0C3B14502D980069697283A8B
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGJnU7EOjwAAH_r5rZlMw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 26E51AC1732D17D7021B01EF92013F3B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9CDF88F89FD950B3A0F75296508CF2DC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B3B1BE9C9879ACFA78025BFC2EE1B6E6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1BA06F9767A5F7ADE15D1D2B41FBE030
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 4EB8A859405ADFE7C7D0F1E1573D62C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9c0fa485-a7cf-416e-9622-957f063085be-003
Frame ID: FF470BC1DC908C19F3D079D36D2411ED
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 71C3B4A22CA27DC3ACBF5047AEE70EA4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ynG3Qx6BrjaXujvX9AUXYZkd
Frame ID: 4C91934FFA6EACDBEC1FADE41C210C95
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=697b1872-5620-43e3-990d-1542500e8859-tuct916a368&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B28A17FECDF52566D2DB47BA7146EE36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donald Trump: ‘We’re Coming Back…Something’s Gonna Happen!’

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

305
Requests

88 %
HTTPS

30 %
IPv6

82
Domains

134
Subdomains

97
IPs

13
Countries

5429 kB
Transfer

14087 kB
Size

109
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.21301052 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.21301052 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=4503125521303474865;cb=0.21301052
Request Chain 59
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.21301052 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.21301052&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjI4REYxRUUtMzcyRi00MDM4LUI2MUMtQkU3QkI3QjI0NjYx&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjI4REYxRUUtMzcyRi00MDM4LUI2MUMtQkU3QkI3QjI0NjYx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D628DF1EE-372F-4038-B61C-BE7BB7B24661;cb=0.21301052 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=628DF1EE-372F-4038-B61C-BE7BB7B24661;cb=0.21301052
Request Chain 139
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/resistthemainstream.org/ROS?rnd=0.5212270847318345&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&e_pubcid=6a296de3-7bf4-43af-8e29-813c1a883684 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.5212270847318345&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&e_pubcid=6a296de3-7bf4-43af-8e29-813c1a883684
Request Chain 144
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 145
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 170
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yh0d5P7IsX44Dy.LuvlNaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsfy1Ou3PzBBQw5kB_4JDo&google_cver=1&gdpr=1&google_hm=2
Request Chain 172
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh0d5P7IsX44Dy-LuvlNaAAABIEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh0d5P7IsX44Dy-LuvlNaAAABIEAAAIB&dcc=t
Request Chain 174
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1942a35-7f14-4560-8819-02790c427e89
Request Chain 175
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6993617641140796926&uid=Q6993617641140796926&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 176
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92c8bd6a-e3cc-3b22-9ed5cb74
Request Chain 177
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9XrzEBp21NoLoE5&gdpr=1
Request Chain 205
  • https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT0dabVpHRTFZMkl0T1RZMll5MHdaREF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTk5NzE0Nzg2NTQ5NzIzMTUvOTk2NjQ1Ni8xMDQ5NzQ2OS85L1pkZDNYdjZKZ3NEMmF4TWxqTllMeUVTZjEzRzNCVDlPd1lJNjRJeGc0N0kvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU5OTcxNDc4NjU0OTcyMzE1L29yZC8wLzczNDEvMTUvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NjA3NTM2NC8xNjQ2MDc4OTY0LzkvMTcxODQv/NU-6O8QQ4Vyl8zT-joIPHJXcpNs&nodeid=2675&group=ord&auctionid=6259971478654972315&shardkey=6259971478654972315&sid=10497469&cid=9966456&price=01B1D0C00EE355C8&bp=a_bjbbgg&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=216.200.232.156 HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=6259971478654972315&node_id=2675&exch_id=9
Request Chain 215
  • https://hal900018.redintelligence.net/request.php?zone=ugoxy02bc9a4&nw=20&renderingType=javascript&namespace=82a0a885d3&subid=&uid=6f8b90fd8c574dc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dcbedbafdb6de4363861d9c544c8e612a57ee1761_15%26mt_aid%3D6259971478654972315%26mt_id%3D9966456%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_cid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D283988f3154bda2%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=415877447871&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900018.redintelligence.net/request.php?zone=ugoxy02bc9a4&nw=20&renderingType=javascript&namespace=82a0a885d3&subid=&uid=6f8b90fd8c574dc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dcbedbafdb6de4363861d9c544c8e612a57ee1761_15%26mt_aid%3D6259971478654972315%26mt_id%3D9966456%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_cid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D283988f3154bda2%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=415877447871&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 260
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=resistthemainstream.org&sn=ChromeSyncframe&so=0&topUrl=resistthemainstream.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=lc7_L3xyNnY2WUVOZTg4ZUR4VFg2M0lYOFV6TnI2MVRmMmFuRko1S2NobmNlNU1IRmVsOXFidG5PQ0tOL0g2MUtmZmZXNjNXKy95eW9QZG1WN0U4T000UmxDRzZqbktMRnF1K2dsRWRZTWxCY3o5eTF1ZHJJQ2JDaytsL3pjc20weUVJbWcrQ3Q3MWpCdUNMaWtOZlpYYXphRUUvUmNhcFVhWXNXamZWdXFVc3VMa1J0MXpVNVBkR3p6cXkzdUhQVmFIbDJqUG5xMVhjUU9tQTM4eU9LL2g1RTdWUzg5MEYzb3JDSWJMV1plbVd0WWNsWklFUXltTDhqS2dremp0MzdjQzZhUFNjTi90a2RnaXhadDJ4RS9HNVFSMGNwWU9UbDJlVVNuOE1vNDVSQ0Jwbz18&cppv=2
Request Chain 263
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresistthemainstream.org%2F&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HPd85HxJeFJRS0FGV051NS8zREF2S2FVU2Y3QzlwdlpWSWpETTFCU1Jaa1dzRkpkZDNkQzV4WU5CNUhlV3M1b3R4QlJ5NmdaUTl3RDZreVZJVTlPdDJOSG5JR2tqNGRoc05BM0hsMHVKcU4rQUM0YWZiaHEyOVVrdVRPN0laR1NjQ1krdUlWU1Z2bFNFWEpzQnhUVUxjQ0w1djhnRUJlYUg0OVBmdU5hcGt6VGRkbElBcWFxMkJxbVpDNHY3aW1FdVN0eTEwZVdNbHpCOGNJMWg1ZEdXdXFGS0NCZ0FlMWxjK3cxTS9aRlJhK05qU3g5aEtta0ZZd1QxYjl1QU51bWo5SUdPb0dMc0JDT0JxSWh2bjdMbzl4VG8rb0Z4TUlFWDdvdEFHZEMvK29vOHI4RT18&cppv=2
Request Chain 268
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 269
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8890840999861779946
Request Chain 270
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&gdpr=0&gdpr_consent=
Request Chain 271
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7069839872328333465
Request Chain 272
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yh0d6AAJnSKgPwAy HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh0d6AAJnSKgPwAy&gdpr=0&gdpr_consent=&_test=Yh0d6AAJnSKgPwAy
Request Chain 273
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dY6sS_DMQBhKy2DWm_lbPcEbDgo
Request Chain 274
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 275
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSm5VN0VPandBQUhfcjVyWmxNdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGJnU7EOjwAAH_r5rZlMw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGJnU7EOjwAAH_r5rZlMw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGJnU7EOjwAAH_r5rZlMw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 278
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 280
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1646075368796 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5809824948 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e1fb2f6a-d869-4719-8236-54cc68fb9008 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9c0fa485-a7cf-416e-9622-957f063085be-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-9c0fa485-a7cf-416e-9622-957f063085be-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9c0fa485-a7cf-416e-9622-957f063085be-003
Request Chain 282
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ynG3Qx6BrjaXujvX9AUXYZkd
Request Chain 283
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=697b1872-5620-43e3-990d-1542500e8859-tuct916a368&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Yo3x7jcvQDi2HL57t7JGYQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 285
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=109b621d-1de5-4c01-8d84-0d9f8cfec773
Request Chain 286
  • https://pixel.onaudience.com/?partner=214&mapped=628DF1EE-372F-4038-B61C-BE7BB7B24661 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4df59dfedc7e39aaadec1ef742359417 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=e1fb2f6a-d869-4719-8236-54cc68fb9008&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=32bb70bf3a79a454 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b47eaef6-4cda-40ed-4479-bc5dd22c801d&reqId=0b4b9120-fdc4-4ffb-7c5b-e195b2389e47&zcluid=32bb70bf3a79a454&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGXCzuoXuefI-IHH_HLFQWE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b47eaef6-4cda-40ed-4479-bc5dd22c801d&reqId=0b4b9120-fdc4-4ffb-7c5b-e195b2389e47&zcluid=32bb70bf3a79a454&zdid=1332
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMf2TEKmDBCS97AV_1jZgK0&google_cver=1
Request Chain 289
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4167049332457013070
Request Chain 290
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1fb2f6a-d869-4719-8236-54cc68fb9008
Request Chain 291
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4503125521303474865&gdpr=0&gdpr_consent=
Request Chain 292
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WYCQGV7WxE5CgJJPDIGMH1-HwhhCisRIXIst08XB
Request Chain 294
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=628DF1EE-372F-4038-B61C-BE7BB7B24661&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=628DF1EE-372F-4038-B61C-BE7BB7B24661&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vFJNCNE2uXKXvGbWxo8HwYYUwff0f4-~A&gdpr=0&gdpr_consent=
Request Chain 295
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=fb426a21-f691-4e49-8f65-32ad8ddf3b1e&expires=3&user_group=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 296
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7203241715059479037&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 297
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d63e0548-6ff8-42f2-a062-ebe80d3bb5fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 299
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 300
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4503125521303474865

305 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/ 		129 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ba31791ed596963078a181cd695f2073bd4f13fceeacf1d33e61f448a4d52c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=600
expires
Mon, 28 Feb 2022 19:19:21 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Hs8wOY%2B3DiHHyjaA6Wk0u1rLG96PmVmIb%2Fwm9xadt0Hm6B3jVHfGZkR9c1Ml8M1euAQRjkw09QAdrR%2FFvwiZBkZXaStB9T1bzIyxByb4hJeqqdg8CJeTPMV2s4cqTRgxiZp0MwAeCoUuGdNSKdtFQjsd1BB"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e4bf2607dfc9243-FRA
content-encoding
br
208598X1688373.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/208598X1688373.skimlinks.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a340cf95db4ccd0957a3dfd1abdca7217f188dbe8c952ea06c6b67f41bf25be1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 11:39:58 GMT
server
AmazonS3
x-amz-request-id
404EVZPVF5HHBEYH
etag
"2fc300519c04a18ef3a2ae9079ca26e1"
x-hw
1646075362.cds010.lo4.hn,1646075362.cds258.lo4.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18775
x-amz-id-2
yefWV+mME/FPHGX77anmmDGkZ36/JBMq1zM/joiFReRfXifcIzXPWuJG0i2eJHa/mLgmTaMPQNA=
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fca07f51c4cfeca53dd6ee70c1eb966e9c94ddbdc0ece16a121f02a3f5426811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65135
x-xss-protection
0
expires
Mon, 28 Feb 2022 19:09:22 GMT
rawwdigital_lander.js
cdn1.decide.dev/tracking/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.decide.dev/tracking/rawwdigital_lander.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5800:9:d7ff:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc36001176809c54fe050368b70394598595dae41be3d65fcf4b940c2a6b8fed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
VKF3PXIGT6uahfGgqqEppePmeEsxnDfi
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 23:32:43 GMT
server
AmazonS3
age
34948
etag
W/"d03f6760ecb4de6f21e8a508d1e69a36"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
date
Mon, 28 Feb 2022 09:26:55 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
DoEeN_7qbU_6me4TIasOFdpy7-n-G_Dj66GLzplKYOdo5o0yqTOncA==
g1250.css
resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/ 		812 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/g1250.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769968d586489050b97c345679dc9d6f2121a1c26c368c939ef6d0894a8025b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Feb 2022 14:30:44 GMT
server
cloudflare
age
261
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siL0vPGVozAwM1ZX8UtUCHk%2BkkKG3IIwOfjZMbXY9IDPeUrv60JhwoWhtVzroskSkKhR6nM29URH9jx8dQPmLPcEfe6sXFg7W2Bw%2BycoCeBUexggafgWz8BkQMQzP8gLjDVCHvTiqh%2BjgM6SKmurDxBg8PUe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf26589689243-FRA
expires
Wed, 30 Mar 2022 19:05:01 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a76630aeb16240e83f630491860681c35ec807a778524dafd8841013388cdd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 19:02:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Feb 2022 19:09:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Feb 2022 19:09:22 GMT
g1250.css
resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/ 		670 KB
135 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e0bd45add7e97d531583fc2c296ce699eeeccdebd54f2eaa0741aa00eb63c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Feb 2022 14:30:44 GMT
server
cloudflare
age
374
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaZH0rocdkMiX87uPSjuhGAZFKQyeFIlVOEI1ck%2BuI%2BO6aPTBJZVJFxX093lnoaznz6ZGsjGWvsa03s8lh7XHJwTfpgZaKfONsZAKzS5EEQak%2BLV8YmIGSuNHRjAR5ka8i%2F4TTlX6c3V0w9e8F3h4ZwpwHn9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf265896e9243-FRA
expires
Wed, 30 Mar 2022 19:03:08 GMT
g1250.js
resistthemainstream.org/wp-content/cache/wpfc-minified/2i4w2w/ 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/2i4w2w/g1250.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ad74927dffa428f88472c101c2d2f1fd943032ccdea08170ab2391c0f4c2a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Feb 2022 14:30:44 GMT
server
cloudflare
age
374
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yx5lm22P6erUiP%2BHAQKxlQKiU1f%2F2wl0S1Gk83WXGR1XvTUwp9E5%2FRDUGnhj%2FnrzHQBr7vdU6m6wOlZnw30NRle4p3oMvTKG1zrSDaZnPHmN%2F7YRNTNCxX925Y1d9JGw7GiURvFYrvCA9tnZQwYRFrtXtsgO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf26589719243-FRA
expires
Wed, 30 Mar 2022 19:03:08 GMT
signal-2021-09-28-044331_001.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/signal-2021-09-28-044331_001.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 02:48:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezne8x0BqDVvZyMp3yMHH0FNS8sFAkl0qNGVlg%2BGnfR8kSiFBpWkx8pe3j8HEaufVPGYeD%2FpE8uKvrINw2yvUBeTHIuVNKvgtIhxkHBuGQIqfrG5S6Px%2BVKB7Fxw6f8cZDuonuvCkqBrx0luGQBywAYVeZ4E"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e4bf266ac609243-FRA
content-length
2863
expires
Wed, 30 Mar 2022 19:09:22 GMT
logo-mobile.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/logo-mobile.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 03:17:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1NDdH%2BcAb7aPutxEz4A67ngGABC5ZLquaSx8bfLx8XuUr%2B%2Bqvipvad90f8hOfyN2cgH6c09KLJhF7Z0VCVJIPmLmBPxaYUbMXoE11duzBiSXDp3usWfQ7VZtaxt0xiGaTuZLe3coHMjtrFrN11ME1RNIcMw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e4bf266ac629243-FRA
content-length
1699
expires
Wed, 30 Mar 2022 19:09:22 GMT
img.fetch
udmserve.net/udm/ 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
76c034c998a2469296576b723761d19ed465bec2b0121f3d1d388d681b946a07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
email-decode.min.js
resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Feb 2022 21:08:07 GMT
server
cloudflare
etag
W/"6216a237-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SHyqDHFlLb2msroShegaMYNkV5E37MVWbY9pKyvoacRa4rgpZlxsjG4ARJbzoPhS2hB4iwxW1AV0uKEicrRKREvdaMmYt8x3mkA46Q3ahHUVfjdmGoso1XGmG0MzNzFu18i2LVJo0p6vuj%2Fg3v3dwP1kE9%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf265fa8c9243-FRA
vary
Accept-Encoding
expires
Wed, 02 Mar 2022 19:09:22 GMT
resistthemainstream.org.1149360.js
jsc.mgid.com/r/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e540517dfce921b944da3766a59a12cae0377cec8093722006850d8c6e1c2039

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
age
3367
last-modified
Fri, 04 Feb 2022 08:44:59 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RKCCS1RKT51QCXXR
x-amz-id-2
2zgoo/xCFFOYGNtPMYMnqtKLsWBs8DRsln63IImi9IVcfuNc0wArtfZVHdvvF3hM9jAtBjRISnE=
cf-bgj
minify
server
cloudflare
etag
W/"494bfd2fd98b636863e9f69d4cb9b421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e4bf266dc679054-FRA
expires
Mon, 28 Feb 2022 22:09:22 GMT
embed.js
talk.hyvor.com/web-api/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/embed.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Feb 2022 12:52:09 GMT
server
cloudflare
age
195433
cf-polished
origSize=6290
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ2Zy6Fiod4odEhQzLUlwSyNynroQLTKyfi0rEYaG2Vn9MS3j29covaUZwL6eWNot3L2ViEN8nxDP06j5jpIrldfm%2F3JFN2G4BsLNpVmgLVreBruNJHeiNfaysqCKu0FlWg38hKPt%2Ftxf1GN"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=0, public, s-maxage=1382400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266dcc39ba7-FRA
cf-bgj
minify
resistthemainstream.org.1156929.js
jsc.mgid.com/r/e/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca58561193cd33a489a451411d1f6a1a3b32c07a137a708e095f8673139f9dc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
age
3367
last-modified
Fri, 25 Feb 2022 20:36:11 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3HNK8Z336XC8CTBM
x-amz-id-2
gIC8+S1x45W/YUXEba3d36xHCagcByIiq20uKKq6Crt0JfDa6kwNC1OP70QbHWgtu/d1vmnJwlg=
cf-bgj
minify
server
cloudflare
etag
W/"b03f39401c3ad09fcfb8b70fc29576dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e4bf266dc6d9054-FRA
expires
Mon, 28 Feb 2022 22:09:22 GMT
/
talk.hyvor.com/web-api/count/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/count/
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"54ae38239fdac3aebd77d7563e732af2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AxDqFCX90%2FopuMdJ%2Bv%2F35RQWrmD9EL%2FaSoDVpOYYa4uwO3BACU%2FrNpkV%2BxzbmRv9ouVCMscbzwxlNhON0gcAEv2twk%2BdCSzM04CztbqH46GBVZt9KyK%2Fr3qqOkCMQ7rgmVX1b%2Fa532S2832"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000, public
cf-ray
6e4bf266dcc79ba7-FRA
front.js
resistthemainstream.org/wp-content/plugins/embedpress/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/embedpress/assets/js/front.js?ver=3.3.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 02:39:45 GMT
server
cloudflare
age
261
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV%2BIGcwJKntQxOrwXattU8kvP0Fjp543U57XzllcrfsbtQUhH8WwGvs6%2BSxYmOJ4SSOoZodpGzeNySEJ5ul1SR0Mdj6%2FGqDKQcHXX28TAMw8DXVDV%2BVjZOkmEzncF%2Bc4qxXpBFzvPqiv4zqPJoOooISOX7oL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf2661afc9243-FRA
expires
Wed, 30 Mar 2022 19:05:01 GMT
frontend.js
resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/frontend.js?ver=10.0.2
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 03:15:39 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twp9iCWBJyx4vRa7hoXVGfwkwlToUmRmgqqegOik9mgayRNsI4scVLvaSIWI6Rn61UGQzz3h68sghQw%2BxAMaWYcmIiqugacnC9xz1kpQPr7yIzmJ8efNYf6IkAHbwAYrByeR5wxXZmY8soVeiqKMaHiEmhDY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf2662b119243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
comment-reply.min.js
resistthemainstream.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Apr 2021 00:35:29 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYZLyoMi1IF2KAbXNKs2k21TqGq9x4KZIfLESQ3BtxGCfoMKQIuM%2Bdcv5EOPWlGSkDs08fC9IaLUP8jLXKnp3ipwyX5ktcByh4Ari%2BXo2pMGP5RzmYXTYcN0XQAny8qUAKSVkMz0eCQIl3XcojR4uI2%2F5IwK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac4e9243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
hoverIntent.min.js
resistthemainstream.org/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/hoverIntent.min.js?ver=1.10.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdgcHgnVP1hTT3jdVNyNSDfHR771MfUnxnIH%2BmPz0Dm2KzoE8KBw%2Ffyc0eaJugd2X5PQeYnNW05H9chr4R2hAJSWCeuQHeTy27yGsQXUNomMzUUPFkhFHfCZHekn%2FbndIzlGCgHshjqzkGZsFpuT5cBdL4Sz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac529243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
imagesloaded.min.js
resistthemainstream.org/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Feb 2021 00:14:28 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URG%2BE3aWZqRK%2B%2FV1sf3dUVhZeES3w7aAr966MMr0x7rScEa8UxUSWkoTcfeqz7sYc3Hw%2BD4hMYjEwr9f9p9rAZ85j2k59welyiH2mGE9VfxEbz9ZOVEVIuGWrAsUQe4cVx3GVGWF9ZvpmreZZXAb4xZc%2By4M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac539243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
frontend.min.js
resistthemainstream.org/wp-content/themes/jnews/assets/dist/ 		294 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.0.9
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777ed778de6f8fc2f1d332610998bf45a8c9c4601ea0f96c91ec92052708f6f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUCcuHd5vzh9EeAoM%2B8PjEAu3JD%2Bco3EqzgrxK8QJTbQutRe5Ll6ULuP8QTTlhgk6p5Oyek7zS8PnvjUQrPHBBjqHgXl%2BodZA9K4hjKDEDSKErImNHs6Qnu8XfR0A5bEQA9IJfDM%2BhE7%2Fox4C0SzSOKuIHgH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac579243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
frontend.min.js
resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbfb77a8ec93c492ddb23650915dc98fd562a4e7c1071dc18194f78933ff4d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Jan 2022 02:48:43 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2Fw3QwE%2F1zPyM5SXycsimSYtmVy8emYoeEPCrz%2BD0pqljZyexTrNu%2FA5uJyaoKgbhASGO4s395ZL0N9zwu7lmrf%2BQRiHQcE6nU7wbI3zIuGb3K2UuLl%2FLDx5Q9I3zu3raNgn0pRhD6axmy5W0hgWY%2FCiUZyX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac5a9243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
plugin.js
resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 03:16:18 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5cKsxYVkClbMZf6mYc1CNqvqEnDlZTj3Oa2%2FmU%2B56Xz5jjG6HlV%2FrqQEnM%2BMJ%2BQm8UD6FFOht6MV1SgnbNfIokcTV6mW8%2FDTfQKMnodXJsHonGTNiXzjMLVSMz1E7DGc3LF3a2QZdxn7b%2BAsEzYTfUjpumT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac5b9243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
ads.js
resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.39
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 02:39:28 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj%2BXR4jEPNiVzIz15HTIzuSbL3wV3dAfZG9dBx0fDidDdHrHAdzQveLv08ABe5oF%2BlEph9gLefdip%2B93tjmXn2PfS93XGdIjrt8MLnX5a1Me9DzrOhaFPphOtC%2BnquBoHQgnIgrYM78GYebfbGdpBS%2BA3ELA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac5e9243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
/
r.skimresources.com/api/ 		150 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/208598X1688373.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
95c403c0e7b683d08745c0e18f2a881be0f5b329da5aff039642f73048f3168a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame 50EF 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.41220231446729216
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=5.258473776956897
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=5.258473776956897
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
928240
cf-ray
6e4bf266da7f68e5-FRA
content-length
28567
x-amz-id-2
JRuATVnhK5aTWebrb/UxEx668VPTef9xrWWoafFq1mrvOYUxBj2865eVYh+xN7Y/BElkqf0Gcj4=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
T5CV2HSV57XY278Z
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 07 Mar 2022 19:09:22 GMT
wp-emoji-release.min.js
resistthemainstream.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSjmmLv9FtWJ7N8xDR43XStyyuyjLA7UXQGukWx053H8FP8jouRiSFvVlL7EEEe3NR4g0ooE%2FiPNe9YBmNrOQ8qi3um1cxjpbR%2Fvyn5U1wkiYxhxa5KZ1Jy7FYga5c6EQVLynToFOMLpmlraUrpT2svY%2B%2FDS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ac639243-FRA
expires
Wed, 30 Mar 2022 19:05:02 GMT
v2lqjutzC4g83P71WdY5Xu_GXlIdlGNG1cvwpXTL7zlapJHSKHC_biAI
fearlessfaucet.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2lqjutzC4g83P71WdY5Xu_GXlIdlGNG1cvwpXTL7zlapJHSKHC_biAI
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
eee29f9060c4e41346e99035b27d15d16f1fb8434048dd5ccd3828b9454711d5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"e9bb68ad38a3dfe621830390abc224d8109a2c6cc3998c416ee6af994f88214e"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-jrj8
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 28 Feb 2022 19:09:22 GMT
x-buildnumber
478878929
timing-allow-origin
*
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:30:30 GMT
x-content-type-options
nosniff
age
430732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:30:30 GMT
fontawesome-webfont.woff2
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqk%2Bnq6LiWsQois%2FJRC%2BwZzRQYDLbpNvsFxdgacDME7tNcphKMFRhCTYk7hmoxzVVYYHCRpit6C3WzY%2FPULkgni9hXL39qLGkpMsRCiajBs5yzrDBr%2F2xXzCbey%2B2cXwIq2o8lut5wSanF8YuIYKwZkXNBlM"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf266ccc09243-FRA
expires
Wed, 02 Mar 2022 19:05:02 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:30:31 GMT
x-content-type-options
nosniff
age
430731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:30:31 GMT
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 02:56:43 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 18:53:39 GMT
age
58359
etag
W/"14de-17f323b45b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
RG4r3yWcejcyV9IGSJXAk0FRSu139GwdrpmLgYf_62YC67baozwYlw==
collect
www.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MHSJPPB6JE&gtm=2oe2n0&_p=1230686919&sr=1600x1200&ul=en-us&cid=370238428.1646075362&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&dt=Donald%20Trump%3A%20%E2%80%98We%E2%80%99re%20Coming%20Back%E2%80%A6Something%E2%80%99s%20Gonna%20Happen!%E2%80%99&sid=1646075362&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
preloader.gif
resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX6T9PoFF6KHlhTT8%2BTBagopyUkccAe%2B0p0udhaKyCx80K85hIazB5vnYHXiyA9O6Tyc3x1rtJbd8900AEpXbHdR2K61pdwSQbg58S8FxnMimSX9e8uMeQAWw5zzEY0SRr%2B%2BkLVlyTcbNXab1lSOyrbfQnjV"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e4bf2676e049243-FRA
content-length
4399
expires
Wed, 30 Mar 2022 19:09:22 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 11:55:47 GMT
x-content-type-options
nosniff
age
544415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 11:55:47 GMT
2021-10-05-23.42.27-modified-80x80.png
resistthemainstream.org/wp-content/uploads/2021/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/10/2021-10-05-23.42.27-modified-80x80.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb2b0d9a945dbe88c1f7455461eb16c036cf2b73795f5c3543cdf83ef239164

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 06 Oct 2021 20:18:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WF1V4BbFybhayREsYMW8vTA5vIz0vgwn17bM98zOHfPNVERg55QeHlQVHIBGCu9heUh4jAph%2Fqm1600XQ9WPb5uTZYowIEe4rjEB%2FcAcHvzy468j1eF%2FDH0ccPn6TTkZD5e5gwtWfpwEL8NUi1mHDwFRDPl9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e4bf2677e309243-FRA
content-length
12424
expires
Wed, 30 Mar 2022 19:09:22 GMT
jeg-empty.png
resistthemainstream.org/wp-content/themes/jnews/assets/img/ 		70 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2Dqhkt%2Fihk%2BwF7YN5WKH9cE84Bh8cf1RwD2QVZeLCCfPkeb8suYhYrwp8x7vpg7qKOQdZZn8bTvJ%2Fbs2PAMBAFw6pIDno5dkfIF0y2G0Hjvy957k157n8Wb8R4qIgoJeCsHEFzsyoB44pVKzd9V%2B75yTSPC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e4bf2677e329243-FRA
content-length
70
expires
Wed, 30 Mar 2022 19:09:22 GMT
resistthemainstream.org.1149360.es6.js
jsc.mgid.com/r/e/ 		242 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a5a4e7ead41f845ca2cbddf2f32eddf7da97bef12f3fde0d9c34ba9ff5eb9ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
age
5734
last-modified
Fri, 04 Feb 2022 08:44:59 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
A074YZE82DKEY6NT
x-amz-id-2
j+u7u9MwqBy/oOy15d+58kaEa9EsDKkcxF02OLNOOX9Q1J79cfuEAFR2DfqqxjH20MbDPqNDCu4=
cf-bgj
minify
server
cloudflare
etag
W/"205af177f0806e537f4206b76700dbae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e4bf267cba76927-FRA
expires
Mon, 28 Feb 2022 22:09:22 GMT
ping
api.viglink.com/api/ 		0
0
13763115057895526
lockerdome.com/lad/ Frame 0BE2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Mon, 28 Feb 2022 19:09:22 GMT
jegicon.woff
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
age
260
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcApTcTTtAruzhDKtDTtP6GZ4VZHdsTlWU5fXM9jyJ2p5MWpudrhwGb6YamnTb5fv%2FwJ0zo%2BAxZ62xeg1XsS58VkkrhxbJY%2BSs8kOKBgtQsqFm6GHGM%2FL4U1ic7n82An8a8v8pY%2BFh7AOSiA%2FAaMneIPtgfL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf267cf0c9243-FRA
expires
Wed, 02 Mar 2022 19:05:02 GMT
resistthemainstream.org.1156929.es6.js
jsc.mgid.com/r/e/ 		246 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf370a81e8f9d7ca9f8e9a1239935432d4537acb7fc1e3acda3a0cfe9127c57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
age
1143
last-modified
Fri, 25 Feb 2022 20:36:11 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
JCD59E6H191HKTFM
x-amz-id-2
67izU92y4sGokAGWaYh/z08PDElFbnNagoG76LBTbf0/MMys+UXxg3Bts4cbeBwMal6mDUewITo=
cf-bgj
minify
server
cloudflare
etag
W/"a7b61cecd217e47c4ec6cc3c3bb77d4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e4bf267cbc86927-FRA
expires
Mon, 28 Feb 2022 22:09:22 GMT
api.min.js
a.omappapi.com/app/js/ 		205 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
507ce7426c190c3d954909e634c514914c57d3f311fc022b560260614b596196

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-198
cdn-cachedat
02/25/2022 19:06:14
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Fri, 25 Feb 2022 19:06:14 GMT
cdn-proxyver
1.02
cdn-fileserver
300
etag
W/"621928a6-33287"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
3b5d0f3f1a56e4390ecc5858fe5e5bce
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
13420768046326374
lockerdome.com/lad/ Frame 1489 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Mon, 28 Feb 2022 19:09:22 GMT
analytics.js
www.google-analytics.com/ Frame CE81 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5669
date
Mon, 28 Feb 2022 17:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 28 Feb 2022 19:34:53 GMT
13420770663572070
lockerdome.com/lad/ Frame 3283 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Mon, 28 Feb 2022 19:09:22 GMT
13436276233712486
lockerdome.com/lad/ Frame D898 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Mon, 28 Feb 2022 19:09:22 GMT
/
resistthemainstream.org/ 		123 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/?ajax-request=jnews
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb73059294eac68cdcebfab256eee625a837fcb65f481e5e3ce7f873e094b275

Request headers

Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcdlYwWQZs%2FONciCfNSkTMrgXy1ylvVa%2FdQVkiPQI7H33KvAFgE0aGJaDQ7l0tpe%2BaHUFBHPg0GNqq%2BNw6ELjeq9oWC6ob6VnKXQIxPg4dKxsKCBwkjRNfq22XCBD6KoBm90X%2BUcpBomC5W0U%2FJszaP%2F6fz2"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
6e4bf2683fc99243-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
r.skimresources.com/api/ 		150 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/208598X1688373.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
95c403c0e7b683d08745c0e18f2a881be0f5b329da5aff039642f73048f3168a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
resistthemainstream.org.1261872.es6.js
jsc.mgid.com/r/e/ 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1261872.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bacdb6fe76362ca53bce31ce973a45dcbd5189ff897a79cf5a970c9c487f52e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:22 GMT
content-encoding
br
cf-cache-status
HIT
age
1143
last-modified
Mon, 21 Feb 2022 16:00:22 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K1ZZQ948RXX0EBBP
x-amz-id-2
BeXSWnW7q6oLIS5xgsYlzjZFR/UTScw1+X8KQ8m4gpiY/81yNF6khchBOJm9y5okfwWGKaucuXM=
cf-bgj
minify
server
cloudflare
etag
W/"652c06d4156a0f4dab063728f71bdd76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e4bf2682c8e6927-FRA
expires
Mon, 28 Feb 2022 22:09:22 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:be00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age
17808888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
XfTmioHbQJjFraFgGldNbw4oSA-8-6UWMyT9SmL5BlzvxFq97YrhFw==
collect
www.google-analytics.com/j/ Frame CE81 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=55566233&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=AdUnitInHiddenContainer&ea=14264500010300518&_u=YADAAEABCAAAAC~&jid=123886538&gjid=2040747514&cid=370238428.1646075362&tid=UA-1933164-1&_gid=1785420726.1646075363&_r=1&_slc=1&z=1096509069
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2/ 		22 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/208598X1688373.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:22 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
udm-r3_v2.11.2.js
bid.underdog.media/ 		561 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.11.2.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9966fc9c928cba02ffd2d23487340ed1ef61fcdc3dc91b825a94f7bb0cdaad13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 21:23:22 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 21:05:11 GMT
server
AmazonS3
age
1719961
etag
"a723494b6e49740e4b219164d9309e31"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
172360
x-amz-cf-id
t8GKWKXXbqUGOjWGADwL4pP33ED2qV6opqpscEinh3g_T3uVpqNrHw==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 07 Mar 2022 19:09:23 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.21301052
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.21301052
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=4503125521303474865;cb=0.21301052
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=4503125521303474865;cb=0.21301052
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:23 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:23 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
34076f67-265f-4647-ad28-fe499d30911a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=4503125521303474865;cb=0.21301052
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjI4REYxRUUtMzcyRi00MDM4LUI2MUMtQkU3QkI3QjI0NjYx&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjI4REYxRUUtMzcyRi00MDM4LUI2MUMtQkU3QkI3QjI0NjYx&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D628DF1EE-372F-4038-B61C-BE7BB7B24661;cb=0.21301052
  • https://udmserve.net/udm/fetch.pix?pmid=628DF1EE-372F-4038-B61C-BE7BB7B24661;cb=0.21301052
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=628DF1EE-372F-4038-B61C-BE7BB7B24661;cb=0.21301052
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=628DF1EE-372F-4038-B61C-BE7BB7B24661;cb=0.21301052
date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
services
sync.technoratimedia.com/ 		0
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D0.21301052
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
54708721
access-control-allow-origin
https://resistthemainstream.org/
access-control-allow-credentials
true
dc.js
stats.g.doubleclick.net/ Frame 0BE2 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5104
date
Mon, 28 Feb 2022 17:44:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 28 Feb 2022 19:44:19 GMT
dc.js
stats.g.doubleclick.net/ Frame 1489 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5104
date
Mon, 28 Feb 2022 17:44:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 28 Feb 2022 19:44:19 GMT
dc.js
stats.g.doubleclick.net/ Frame 3283 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5104
date
Mon, 28 Feb 2022 17:44:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 28 Feb 2022 19:44:19 GMT
dc.js
stats.g.doubleclick.net/ Frame D898 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5104
date
Mon, 28 Feb 2022 17:44:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 28 Feb 2022 19:44:19 GMT
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 05:44:53 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
age
48271
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:04:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
zHFGd2RVl0C8UjdyRdRi3vfmQi2PyjxoxI6zUuehk9O6qsdCAk7wLw==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		147 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:46:25 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
age
1379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
147
last-modified
Tue, 27 Apr 2021 19:10:31 GMT
server
AmazonS3
etag
"f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
VHiVcmTFfDn1nEL4SLspjDHXAEpmwY_Dt0GJ4J-yTkA8aXObmIVuqw==
v2lys0bql3WH-456bpV5BpojfiQ6KkcTBWdhCk44GD8sMJg48GOSzI-zFQVvB21fu3d8S9ncG
fearlessfaucet.com/ 		209 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2lys0bql3WH-456bpV5BpojfiQ6KkcTBWdhCk44GD8sMJg48GOSzI-zFQVvB21fu3d8S9ncG
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2lqjutzC4g83P71WdY5Xu_GXlIdlGNG1cvwpXTL7zlapJHSKHC_biAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
fce9eceabf0f92db3bc63f0decee2504a49c5b89706f748f7098b6eeff79109c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 28 Feb 2022 19:09:23 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-jrj8
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
478878929
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 28 Feb 2022 19:09:22 GMT
bcv1.js
bid.underdog.media/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bcv1.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.11.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a01112d5832bbd7d26eb685f85ac8f08ccfee867655af37bc0a1c6ad915afd71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:40:19 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:30:03 GMT
server
AmazonS3
age
1745
etag
"956f81f13e75f15472a88c344b84f3cb"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control
max-age=1800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4320
x-amz-cf-id
qCS6kkeF0qU5r_W1epjILjL9uVSgFrEfByyfzpBpHKOLG51Lrc58fg==
rrv7.js
bid.underdog.media/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.11.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5be9b0d52e3137b77ee3f8766bb49308988f72ad3b7c9e17dabf71b2b04e760f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 17:36:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 17:30:04 GMT
server
AmazonS3
age
5557
etag
"e62d25b972bc7660a7c4b809477bdbff"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1955
x-amz-cf-id
KJojFa-1EmQEJsLdeLM_M97jkPQbQMUavQPXL5SM8aMKg_WXrC4yhA==
img.fetch
udmserve.net/udm/ 		1 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.11.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:23 GMT
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
1
Content-Type
application/x-javascript
pixel;r=734811448;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram;uht=2;fpan=1;fpa=P0-1084276924-1...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=734811448;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram;uht=2;fpan=1;fpa=P0-1084276924-1646075363126;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=resistthemainstream.org;je=0;sr=1600x1200x24;dst=0;et=1646075363126;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Donald%20Trump%3A%20%E2%80%98We%E2%80%99re%20Coming%20Back%E2%80%A6Something%E2%80%99s%20Gonna%20Happen!%E2%80%99%2Cdescription.That's%20a%20big%20hint%20right%20there%252E%2Curl.https%3A%2F%2Fresistthemainstream%252Eorg%2Fdonald-trump-were-coming-backsomethings-gonna-ha%2Csite_name.Resist%20the%20Mainstream%2Cimage.https%3A%2F%2Fresistthemainstream%252Eorg%2Fwp-content%2Fuploads%2F2022%2F02%2FTrump-8%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fjpeg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1866485511;labels=edge.1%2Csid.17411;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram;uht=2...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1866485511;labels=edge.1%2Csid.17411;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram;uht=2;fpan=0;fpa=P0-1084276924-1646075363126;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=resistthemainstream.org;je=0;sr=1600x1200x24;dst=0;et=1646075363127;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Donald%20Trump%3A%20%E2%80%98We%E2%80%99re%20Coming%20Back%E2%80%A6Something%E2%80%99s%20Gonna%20Happen!%E2%80%99%2Cdescription.That's%20a%20big%20hint%20right%20there%252E%2Curl.https%3A%2F%2Fresistthemainstream%252Eorg%2Fdonald-trump-were-coming-backsomethings-gonna-ha%2Csite_name.Resist%20the%20Mainstream%2Cimage.https%3A%2F%2Fresistthemainstream%252Eorg%2Fwp-content%2Fuploads%2F2022%2F02%2FTrump-8%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fjpeg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
v2xmvyxWLyV-tnKFitn56p4o-j50kDaj9MkxPDN6HHZM910do5F7GjcahevR2jTaUZz68IS32
fearlessfaucet.com/ 		389 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2xmvyxWLyV-tnKFitn56p4o-j50kDaj9MkxPDN6HHZM910do5F7GjcahevR2jTaUZz68IS32
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2lqjutzC4g83P71WdY5Xu_GXlIdlGNG1cvwpXTL7zlapJHSKHC_biAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6e4e6f4910d3e428204e31dbbf96a2cab11b126b1afe87a99987954bbcceb3c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 28 Feb 2022 19:09:23 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-jrj8
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-credentials
true
x-buildnumber
478878929
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
389
Trump-8-750x394.jpg
resistthemainstream.org/wp-content/uploads/2022/02/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/02/Trump-8-750x394.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5a03b9f1e266f741abc0057ddbf100813b5d83dec56cfd6735018fc478e152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 23 Feb 2022 22:44:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98kgdnq4CMZE5hlisdq%2BqmLvL2uQ0hE8hPObG4cynbdXkLVvJlp4Y8ijCWJnXV6f55w%2BTt3WtPEjTuHSp8dZRRNBOFtrYMjH5SXMmpfcGwYKPGVAwRtEOqSdSm1XNXu62CfLiiQz0wRg2Sp6sJYhft6ZknrC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6e4bf26bbf4e9243-FRA
content-length
32961
expires
Wed, 30 Mar 2022 19:09:23 GMT
cpac-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/02/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/02/cpac-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be9c1a0581c5b3c6f104e4198ac8fac9dd9353e1ae9fbe752b932370d71c93db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
260
cf-bgj
h2pri
content-length
14567
last-modified
Sun, 27 Feb 2022 19:17:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJKoSiVHUSG%2F5Cb%2FaZifRlFUXdFpeRi86FTC7FMTjKrZXi%2Fx92hq8ZL6U2XSW%2BuIaf37YKfyfLa2EzL94NEZJQQ6VayXjvvYFJ00Wj7VcIgsjY1zhoAqorQdibvW%2FME3wWGX5dGwl8qXTyh07jdPCHXj%2FpiW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e4bf26bbf4f9243-FRA
expires
Wed, 30 Mar 2022 19:05:03 GMT
lindell-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/02/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/02/lindell-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f51346f56c67f29e6f48595a158e6cee206c65764fc7ae111eeb6ecff2e7d941

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
260
cf-bgj
h2pri
content-length
16640
last-modified
Sun, 27 Feb 2022 22:15:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2xSNLViedPwr1EMh50SnZOho06uKURmAslTJYAa05fJJ%2B9aCLHGAi7ApMK2nmvXI6xzc5BhpkyeVaNwczzuYYBYgOrBUMcmYNhGQ7MreUcTXO9clMb7InKAfD1GvROvtehTywBtLhN1SKliY68OCXtUx3dX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e4bf26bbf519243-FRA
expires
Wed, 30 Mar 2022 19:05:03 GMT
/
c.mgid.com/pv/ 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=164607536314811800563&uniqId=17cee&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&sessionId=621d1de3-09eb4&pageView=1&pvid=17f41bcbf4c986b9359&site=720235&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e4bf26bcfcf9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
HIT
age
4839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
563Q182XKKBGBPYA
x-amz-id-2
bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e4bf26be8159054-FRA
expires
Tue, 01 Mar 2022 19:09:23 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
HIT
age
3641
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e4bf26be81a9054-FRA
expires
Tue, 01 Mar 2022 19:09:23 GMT
1
servicer.mgid.com/1149360/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1149360/1?pv=5&cbuster=1646075363233288350942&uniqId=17cee&niet=4g&nisd=false&jsv=es6&w=660&h=295&cols=2&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&sessionId=621d1de3-09eb4&pageView=1&pvid=17f41bcbf4c986b9359&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200c18ab1aafcc509954085bdaff91dc6893fd31ebddf2fefd03f7172f34035e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e4bf26c49009054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1156929/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1156929/1?w=1140&h=2875&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1646075363239155194998&uniqId=11452&childs=1225368&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&sessionId=621d1de3-09eb4&pageView=0&pvid=17f41bcbf4c986b9359&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d672ca755debf01121747cb27245811fe8d4477515548828af441bb75fef3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e4bf26c49099054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2FmOTYyYWVlM2YyNDFmMjFhMjY5ZmM0YzI4MzQyNjFkLmpwZWc.webp
s-img.mgid.com/g/4147874/492x277/113x37x555x370/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4147874/492x277/113x37x555x370/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2FmOTYyYWVlM2YyNDFmMjFhMjY5ZmM0YzI4MzQyNjFkLmpwZWc.webp?v=1646075363-xOnDGoixvOJAsteRqcc9yrte1ZfgcyNskNXhOKN1sZI
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d261a9b38d6d7f322d7fa906d61b29231350cf8ce1b86c2a545a09b5317e3283

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:00:25 GMT
x-mg-request-uuid
71f8c1fb-bcb7-4ea9-9049-f350f1823d26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26cba019bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18342
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvNDYzNzQxOThkNTY5YjhlY...
s-img.mgid.com/g/10881021/492x277/-/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881021/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvNDYzNzQxOThkNTY5YjhlY2E2OGZkNzkxMzFjNDkxMTcuanBlZw.webp?v=1646075363-QRNLiczVfermm1fO75LyhURUGZ3LiVXDC1vCstn-E8E
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65772f5d2029b3f616d43c8beedcdb2d4add3cda1d1068e761dfbf966fd4d6af

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:46 GMT
x-mg-request-uuid
38713fcf-161b-4b1e-9f91-efbbdf1e07bd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26cba039bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23960
server
cloudflare
i.js
cm.mgid.com/ 		0
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1646075363318764231503
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e4bf26cda779054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame D694 		0
74 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1646075363335141634284
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e4bf26cda7e9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 08:57:47 GMT
server
nginx
etag
"a089-5d613d01797c6-gzip"
vary
Accept-Encoding
x-cached-since
2022-01-21T09:04:50+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6903
expires
Sat, 21 Jan 2023 09:04:50 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA1LzEwMTkyNC83Nzc1ZThiYjg2NjgxNTBiYjJiYjBjOWQ5MmFkYmE4OS5qcGVn.webp
s-img.mgid.com/g/3805670/492x277/227x0x945x630/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805670/492x277/227x0x945x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA1LzEwMTkyNC83Nzc1ZThiYjg2NjgxNTBiYjJiYjBjOWQ5MmFkYmE4OS5qcGVn.webp?v=1646075363-_6jSpcXBqhW9uSTngObfF-C0F14XrqS43AjDm1vSlIM
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6368cbde5fc5d0400edfff0f9e0321ee577b0144d0692d9aab0fece4b30f58

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:04 GMT
x-mg-request-uuid
3d24c969-5d7b-415e-9ebc-75d5a4d27a2e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8cec9bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18910
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2E5YjA2ZGIwNTdmZmNjNjg0ZmQyM2M4MGE5YzEzOGM4LmpwZWc.webp
s-img.mgid.com/g/4723158/492x277/78x0x660x440/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4723158/492x277/78x0x660x440/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2E5YjA2ZGIwNTdmZmNjNjg0ZmQyM2M4MGE5YzEzOGM4LmpwZWc.webp?v=1646075363-YJlBuKAULAJG1btVseT5_3JTDJQdz2RYdWWZYSvVHII
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d84c2b7e2a8737088609a106ca4bab5a3906ddb000d742eb02c65a89330fd7

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:58:40 GMT
x-mg-request-uuid
48fef463-1cb1-41d3-832d-37d0422165fd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8cee9bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6446
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2YyOGEyMTRkNmVmY2VhNGUzYmFkMjc5ZDlkNWEwNTFjLmpwZWc.webp
s-img.mgid.com/g/4723154/492x277/29x0x556x370/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4723154/492x277/29x0x556x370/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2YyOGEyMTRkNmVmY2VhNGUzYmFkMjc5ZDlkNWEwNTFjLmpwZWc.webp?v=1646075363-Hd73xw0cuD4mt67BvxYHqhT4eaMG-uV3mfo02RA70MU
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec0bab1fb5f5a09834d9d0c5903e0eb2ec5b71033eb38df02f17da8fd6ba177

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:40:19 GMT
x-mg-request-uuid
ee96ac29-3135-4ed8-bee6-2d02d23c0e71
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8cf09bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9458
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1646075363-ILX5Rw7bWgU7bCW4KO4EPesL6IuDaLA6otEMJspfwho
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
x-mg-request-uuid
7e8d50c4-dc8a-4fa5-9bad-6ce339eec971
age
1633043
cf-polished
qual=85, origFmt=jpeg, origSize=41842
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32968
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8cf19bce-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2UzNzU3OTAwNWM5NDg2YjYwOTAwODU4ZmY1NThjZTYzLmpwZWc.webp
s-img.mgid.com/g/4021002/492x277/0x0x811x540/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4021002/492x277/0x0x811x540/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2UzNzU3OTAwNWM5NDg2YjYwOTAwODU4ZmY1NThjZTYzLmpwZWc.webp?v=1646075363-tWoXz3FVoqq5RLhX5_BtRKepYqm1gNuOXXAZaw6ofHU
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a75650c7041b3d96cf76b88cbbceb38dde933724ecdf328d39f2a399758062d

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:58 GMT
x-mg-request-uuid
503c2d28-10bb-4bfb-9fed-4a585c2814c1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8cf29bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19510
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc4LHlfNTI0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jMzA5O...
s-img.mgid.com/g/11533295/492x277/-/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533295/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc4LHlfNTI0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jMzA5ODNlYzEzNzczNjg3NWRjMTEwZmUyMGQ4Nzg1MS5qcGc.webp?v=1646075363-UpwexSOlh72FVE1drcnT0o8HC8UsjrGLdzPBh4-Oucg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb52e9e8b38f3082a411231c7e1f7adaf6fd0a2b14583c3b87e2ef7174b47bf

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:00 GMT
x-mg-request-uuid
e90a8b25-3d3c-4bc1-a54b-82a5e673a7e6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8cfa9bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25432
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp
s-img.mgid.com/g/5097658/492x277/0x105x650x433/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097658/492x277/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp?v=1646075363-rAcQGDbW--0_5pbyYdeAEDFWlU7Pza1AYGGnuFL0A-E
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4790652cf038086703be6bbb9395ae5a8549b412f19cdf26123cb574dfabbd67

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:43 GMT
x-mg-request-uuid
800bc13f-0d11-463d-a8da-57077ae40c23
age
49444
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8cfc9bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12910
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp
s-img.mgid.com/g/3805476/492x277/0x0x629x419/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805476/492x277/0x0x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp?v=1646075363-wo8m9l4fpgUvB_N7sx4A-2FcW8Na49KFvKOaeNMQ9Sk
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:17 GMT
x-mg-request-uuid
67add3f2-a4f5-49e5-b815-9eadbe83b048
age
39141
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8d009bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15702
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzkzMDU3MTZiYjg0ZWYzNmU5YmJkMDAyMTEzMWQ0Njc0LmpwZWc.webp
s-img.mgid.com/g/5523138/492x277/0x0x1083x722/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5523138/492x277/0x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzkzMDU3MTZiYjg0ZWYzNmU5YmJkMDAyMTEzMWQ0Njc0LmpwZWc.webp?v=1646075363-4wl-_xiYXZ4wnDmRiqkJ1eVldASpdHAA2RQa3t5B4MM
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f290448e48925282619c9b0c7a2ac2157dc23bfd21f0ea9c17619e506ba14000

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:12 GMT
x-mg-request-uuid
168c48d6-b5be-4819-b478-07a32d847b9c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8d039bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10532
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp
s-img.mgid.com/g/3805590/492x277/0x0x783x522/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805590/492x277/0x0x783x522/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0Lzc3YjhmMzZiOGM2YWIwMjRhNzk0YzFmMzE3Y2JkMWY0LmpwZz90PTE0OTc5ODUwMDEyMDQ.webp?v=1646075363-GzqK0rPivJLELYeB0N1y5Zt6DX62qHpb4L0VeCD3gEA
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9074b438586a9313e096606a3e7e150b254bfe157e13efc9e845666dbb50567

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:58:41 GMT
x-mg-request-uuid
265d8cb2-d700-4ab8-9346-b558428acd2d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8d069bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9102
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvOGQ3Y2Y1Y2Y1OTAzNjM3Z...
s-img.mgid.com/g/11533469/492x277/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533469/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvOGQ3Y2Y1Y2Y1OTAzNjM3ZTI0NjE5YzE5OTBkYTFiMGYuanBn.webp?v=1646075363-WMWnhH6uCwqDzCPGkbrsujEw7l98k3mWV9qeJceJp7E
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab0b8f156bb89777d7d3ff99671f3208ebd57c1ce949080138bce2efef451d6

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:34:49 GMT
x-mg-request-uuid
03a99c78-5411-4229-8d29-034d54a675d4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8d149bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17854
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvMTZhNzYzMjkwM2MxODMxN...
s-img.mgid.com/g/11533493/492x277/-/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533493/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvMTZhNzYzMjkwM2MxODMxNzAzOTA2MjE2NWYwZGY0MjMuanBlZw.webp?v=1646075363-pwH_trDMYY1PL1bCe1g2aJw3nYnpOmT4Blhtsq3O5dQ
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1b25368702c79276c9784d88d8e762101568cf7cc6ce32c74ff2f19413ad3b

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:34:59 GMT
x-mg-request-uuid
675e75cc-60c5-4b71-94e6-3aaad210ef22
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8d179bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7478
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp
s-img.mgid.com/g/3805479/492x277/98x0x946x630/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805479/492x277/98x0x946x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp?v=1646075363-EaX4SnOwivGc3KpL_wasA1XgCZspbkCFxyBaxKyFIj8
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:45 GMT
x-mg-request-uuid
7c3996d6-14ad-425d-8318-5f6e75010555
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8d1a9bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14090
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTI3YzhjMGQ5NjZiZWIwN...
s-img.mgid.com/g/11533325/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533325/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTI3YzhjMGQ5NjZiZWIwNGUxY2NiNmVkOGY2N2Q0OTcucG5n.webp?v=1646075363-GGiI2qHm6fqpxT6CNmGWKcWZiqcHLj6nXAeFhrgJ1lo
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068aeb055e0bf258841870f1ee9acee5542e02515b935af0702ad1bc41afb656

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:25:18 GMT
x-mg-request-uuid
c6fa9cb4-f0be-4547-b944-ca0175b6d7a6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e4bf26d8d1c9bce-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11798
server
cloudflare
mgWidget_1.11.85.es6.js
cdn.mgid.com/js/wglibs/ 		319 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.85.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31739109b56731f390e9402cd18555d39b91dea833fe3bb9a9b33d6e8236172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
HIT
age
2292
last-modified
Mon, 21 Feb 2022 10:34:56 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5J7FH6XCRRBHFFG6
x-amz-id-2
HB+U1P138qM69hMBNqCDTx+VYi+qSRWaaGzErfvVnORVtGZ/huNsScI7RCpbaNpTsl7XRTRpO/A=
cf-bgj
minify
server
cloudflare
etag
W/"124789b091c736726fd691ac08d0a15f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6e4bf26d9ba56927-FRA
expires
Tue, 01 Mar 2022 19:09:23 GMT
mgadt.449143.js
player.adtcdn.com/prebidlink/457243.15651305555/ Frame 356C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/457243.15651305555/mgadt.449143.js?domain=resistthemainstream.org
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e834b5ad20a091f05e1f51cfeacfbb7b1496f6562ec40b07d36f3bdcd1cb77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Aug 2021 13:57:50 GMT
server
cloudflare
etag
W/"61264c5e-805"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POyli3cnNfuX7tR1l5sAqplZEVK8SCAFP64U2Z%2FqxvcI4TcgwAMfYjtYcloZbShmyPgScVJXsSbnKZYgWVKN%2B1OH4xQ5Yz67MReksG%2Bi9HHgpIzW5Q%2BY13UlGCl%2FCKKXEeFiurzsbiJCb3f39p%2FjCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf26e2d3b3749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 28 Feb 2022 19:24:23 GMT
5f431e98-d068-4121-80c6-6b10f6bbe34f
player.ex.co/player/ 		765 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.85.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c248d880f26dcd44ab9a0416174be27cc41a52979d92fc3de0ece05635f2190

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
gzip
age
0
x-cache
MISS, HIT
access-control-max-age
600
content-length
227411
x-served-by
cache-iad-kcgs7200146-IAD, cache-hhn4028-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1646075364.616681,VS0,VE95
etag
W/"bf2c4-98F/rzgVX1Vvyajw5TT3kphuzl8"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
events
prd-collector-anon.ex.co/main/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.57.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-57-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 18:19:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 28 Feb 2022 19:09:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Feb 2022 19:09:23 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 28 Feb 2022 19:14:23 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame D65A 		349 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
75f0ee9647c1d9d516b44634223490e49b2bb6271347aa0659882cf97cf28776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduk9eL8jWGh7k_UcoH2VoQdcBMZcaCeT2W-tva4cg0-gF36ofD85KiIS8dFFq69cuZ3fVQsXiEfTGHhi8_P91e7mCx4EA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99909
last-modified
Mon, 21 Feb 2022 09:01:57 GMT
server
UploadServer
etag
"9a33069e2d31b53e60c37b96ae51c945"
vary
Accept-Encoding
x-goog-hash
crc32c=3j556A==, md5=mjMGni0xtT5gw3uWrlHJRQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1645434117590668
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99909
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 28 Feb 2022 19:14:24 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.57.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-57-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1646075363925&cid=6187a5a49268ad27da7716d8&VERSION=4.131.1&AV_PAGE_LOAD_UID=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&AV_CDIM4=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.95.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-95-81.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
449143_resistthemainstream.org.js
player.adtcdn.com/prebidlink/457243/ Frame 356C 		787 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/457243/449143_resistthemainstream.org.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/457243.15651305555/mgadt.449143.js?domain=resistthemainstream.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a3b3e2b1b75a5f221ab70d016f85b0b94da670c2e046fa9db4dabdf39189e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 28 Feb 2022 17:19:21 GMT
server
cloudflare
etag
W/"621d0419-313"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iacMwfgT2bofpRzYSE04C3RZQWAv3QV6WG7bAk9jkQl%2Fu%2FfnzDDl7jA0A1DojetDM8V95OxjtiEPDcXZkA8SAY9%2FRqiVJR%2FhDnEvuTcAluY7ncoXX0dsqgQgV7TNmhOYiOhfYUDRNbMnoxg7wgXHeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e4bf27158c13745-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 28 Feb 2022 19:24:24 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=resistthemainstream.org&sn=&cd4=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&cd5=default&ic=0&tgt=0&app=&wi=679&he=383&test=&d36=6.1.6&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&stagid=&stplid=&e=inventory&vi=0&cb=1646075364112
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.190.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-190-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		33 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.131.1&AV_PAGE_LOAD_UID=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&AV_CDIM4=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6187a5a49268ad27da7716d8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=resistthemainstream.org&AV_DADPOS=3&d36=6.1.6&responsive=1&sver=2&avtoken=364111&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1646075364118
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.128.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-128-29.compute-1.amazonaws.com
Software
/
Resource Hash
905f21e793431ae9e5a08c2cf17e68ab165be8f450056efd3912ea782c0a3e77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 17 Feb 2022 05:22:44 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1127
X-Served-By
cache-wdc5535-WDC
Last-Modified
Wed, 09 Jun 2021 05:29:07 GMT
Server
cloudinary
X-Timer
S1638941994.177004,VS0,VE0
ETag
"a42c7ae8b866ad428f953d7bc38769d0"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24424298
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
v2nfaZ_mEDboyhWdQewYlQwLMXHfNw_XbKGIqVhrBAo31ghv4vZuuRlfviC219zSBlvw5UF9vbg
fearlessfaucet.com/ 		2 B
328 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2nfaZ_mEDboyhWdQewYlQwLMXHfNw_XbKGIqVhrBAo31ghv4vZuuRlfviC219zSBlvw5UF9vbg
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2lqjutzC4g83P71WdY5Xu_GXlIdlGNG1cvwpXTL7zlapJHSKHC_biAI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 28 Feb 2022 19:09:24 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-jrj8
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
478878929
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
2
expires
Mon, 28 Feb 2022 19:09:23 GMT
hbw_master_449880_12335.js
player.adtelligent.com/prebidlink/457243/ Frame 356C 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/457243/hbw_master_449880_12335.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/457243/449143_resistthemainstream.org.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
85e57ced3122083f92a90dd169ea322ecb5d88b2ac67b402f4e4e9299de9955a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 17:19:21 GMT
server
nginx
etag
W/"621d0419-1366b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 20:09:24 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1331
X-Served-By
cache-wdc5537-WDC
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944855.651350,VS0,VE1
ETag
"b87901333b21d30f970a9d9982f6400d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427184
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-116747

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-116747/913116
Connection
keep-alive
Content-Length
116748
X-Served-By
cache-wdc5574-WDC
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944740.502891,VS0,VE1
ETag
"a7d8f4b80d06c540ff9289b382f53422"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427015
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
caa07502-f818-4a46-9934-30c99e50f55d
https://resistthemainstream.org/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://resistthemainstream.org/caa07502-f818-4a46-9934-30c99e50f55d
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
hb_449880_12335.js
player.adtelligent.com/prebidlink/ex19052/ Frame 356C 		390 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457243/hbw_master_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c20fe9d4c0e22c732315f2653bde49b230ad9111f4f2c0ab0b8e913b70f785b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 17:19:21 GMT
server
nginx
etag
W/"621d0419-61879"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 20:09:24 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ Frame 356C 		141 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457243/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
48048b6601e63749eb014a1dd5c31c6cc8272f633cb53849a224783e34569015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Mon, 28 Feb 2022 19:09:24 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
Content-Length
141
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ Frame 356C 		43 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=449880&site_id=12335&full_page_url=https%3A%2F%2Fresistthemainstream.org&adid=72rrw0.5z&features=16416&vpbv=N051&lifecycle_tte=917
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457243/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Mon, 28 Feb 2022 19:09:24 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1342
X-Served-By
cache-wdc5574-WDC
Last-Modified
Fri, 28 May 2021 02:55:30 GMT
Server
cloudinary
X-Timer
S1638944740.122476,VS0,VE103
ETag
"61fce59e82eca3dfbd97c9bb6ec77a6d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427063
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		199 KB
199 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-203415

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-203415/1551376
Connection
keep-alive
Content-Length
203416
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427002
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
config.json
player.adtelligent.com/exchange_rates/449143/ Frame 356C 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/449143/config.json?cb=https%3A%2F%2Fresistthemainstream.org
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3ecec3b87a5d0fe83d52d888dee09f38692ca42ae9e615024ad29bd531decbc2

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 12:01:13 GMT
server
nginx
etag
W/"621cb989-4ddc"
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
expires
Mon, 28 Feb 2022 20:09:24 GMT
cache-control
max-age=3600
x-proxy-cache
REVALIDATED
vr
ghb.adtelligent.com/ Frame 356C 		388 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/vr?bids=2741,6515,9553,14647,14715,14734,14770,17945,17994,18078
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457243/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
f0afef710cb6cd3d2104ad56a3d3aa1f7ac54441adbc87a6dcfe2c44bcb9afd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://resistthemainstream.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
210
localstore.js
script.4dex.io/ Frame 356C 		483 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
933091
content-type
application/javascript
x-amz-request-id
tx8a9eacc7b532418f8d353-00620977f5
x-amz-id-2
tx8a9eacc7b532418f8d353-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRhISASHNEHPyGY9uqAsvKNLd%2Bid2qKktEob%2B%2BYR%2B14POaOlKX0Q2sAyth7BhNlPgTjjebeygvbanwxn%2Fbz2q5oAUSSzENQmYpRrcbnVr6VxyS05MoJRKUaMH%2Fe%2BuZdkpgVkLvbebLwWgbwD"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1644787655409471
cache-control
public, max-age=1800
cf-ray
6e4bf2748bc292ad-FRA
expires
Mon, 28 Feb 2022 19:39:24 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 356C 		138 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4368af2afa82ef7a4b538d9366ab8b34d2097a49b3efda85ad1c8e2f7d95cc44
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
338c1665-7df9-4f29-bb7f-5cbbf056d849
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://resistthemainstream.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
lockerdome.com/ladbid/ Frame 356C 		11 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
bid
research.adtelligent.com/ Frame 356C 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://research.adtelligent.com/bid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.83.70.67 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/ Express
Resource Hash
55f59dd90093c465f7c024b2affcd4a8e492a5b6dbeb8c6d5cf10e7ac41aa6f6

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
X-Powered-By
Express
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://resistthemainstream.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
5829
auction
rtb.adxpremium.services/openrtb2/ Frame 356C 		461 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.121.152 Quedlinburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
egon
Software
/
Resource Hash
de2bfe8aff9acf9909a1a5efd95f485445e488625d1f76e1498e6e15f14a0558

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
461
expires
0
cdb
bidder.criteo.com/ Frame 356C 		18 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=83937036612
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Feb 2022 19:09:23 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ Frame 356C 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ Frame 356C
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/resistthemainstream.org/ROS?rnd=0.5212270847318345&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomething...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.5212270847318345&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-bac...
376 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.5212270847318345&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&e_pubcid=6a296de3-7bf4-43af-8e29-813c1a883684
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
5.178.65.245 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d1a23c00181a7f87de086516f293446345eeb9dc5e73d073d871eee35316e8a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://resistthemainstream.org
expires
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
376
x-sid
AMS-602

Redirect headers

date
Mon, 28 Feb 2022 19:09:24 GMT
server
openresty
access-control-allow-origin
https://resistthemainstream.org
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.5212270847318345&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&e_pubcid=6a296de3-7bf4-43af-8e29-813c1a883684
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-602
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 356C 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=6a296de3-7bf4-43af-8e29-813c1a883684%5E1&rf=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=611de417-c67d-4bd2-8d67-0348e84f7d2a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27871438149493133
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4df205daa27bd528ad0d5084dc795c884959614cbed0fc636548303a6db0e03e

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:25 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://resistthemainstream.org
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1754
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 356C 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
mp.4dex.io/ Frame 356C 		99 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
285255ce3c314fd1960fc834e5ebdfce15638c5d94d06dc02d15611317d7f284

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
6e4bf274bcc73755-MXP
pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2B51 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=129401
expires
Wed, 02 Mar 2022 07:06:05 GMT
date
Mon, 28 Feb 2022 19:09:24 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 1FEF
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dcf4c3c61f37cebe65a05b7ce7119447d0f7bd0e1ae0a1a684d9a0674aa7a163

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|152|31|191|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
Content-Length
1775
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame A155
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Feb 2022 19:09:24 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
date
Mon, 28 Feb 2022 19:09:24 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
merge
ce.lijit.com/ Frame 3237 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=376385&3pid=1646075364389-977451507064-006288-015-000776&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
nginx
Date
Mon, 28 Feb 2022 19:09:24 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.57.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-57-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame D65A 		327 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6461659d02c2802ad7e6d383f39dae8b87d48bd991c58bb8d022736fe10a892d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsp4bb9QTNGw1CWHQbLigJgzQ2Fc-J66Vbaos_bOGshVoOG-3-LFEh_u2aT8fVFFhGNbctNenJ2vB5mQyyuyqo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
103433
last-modified
Mon, 21 Feb 2022 09:01:02 GMT
server
UploadServer
etag
"6dca9dbeac6a0e075f3e40d06f2cc41c"
vary
Accept-Encoding
x-goog-hash
crc32c=RYqlSw==, md5=bcqdvqxqDgdfPkDQbyzEHA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1645434062107604
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
103433
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 28 Feb 2022 19:14:24 GMT
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=6075364539
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=6075364542
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=61182&t=1646075364&cip=193.27.14.10&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1646075364389-977451507064-006288-015-000776&cha=0.7&stagid=&stplid=&d35=&d36=6.1.6&cb=48545122943&cd1=4.131.1&cd4=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&cd5=default&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1646075364543&asid=5fa2711a54dbb238c9289f7d%2C6187a5a2beecd3492774a80b%2C60c60c3b1731ed2b383f0908%2C604e0bb1f199b154cc115338%2C6187a5a2f2ea41121e3cbd26%2C5fd1f2cc9772f87a350a855b%2C60ebfe94ebe867570438e997%2C60ebfe86a4a7792110515aa4%2C6187a5a23223786bb66bb49e%2C5fbe1a1fd09dbe29472667bb%2C5fa2a98bba80693a416064d7%2C59f5f23628a0612040036b8f%2C5c5a9a6228a0617b9619af99%2C5fbe5add3443ef680f0480d7&ofpr=2%2C%2C%2C2%2C%2C1.5%2C%2C%2C%2C4%2C%2C3%2C2%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.190.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-190-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
j.html
p.midserved.com/prebidlink/19051/ Frame 152B 		1 KB
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.midserved.com/prebidlink/19051/j.html?i=11602
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
etag
W/"620bee41-43d"
cache-control
max-age=3600
content-encoding
gzip
expires
Mon, 28 Feb 2022 20:09:24 GMT
access-control-allow-origin
*
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		121 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=203416-327683

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 203416-327683/1551376
Connection
keep-alive
Content-Length
124268
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427002
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
292881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 25 Feb 2023 09:48:03 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.57.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-57-251.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
adagio.js
script.4dex.io/ Frame 356C 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1285912
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx5e4611dbf62f494e82ab4-0062097856
x-amz-id-2
tx5e4611dbf62f494e82ab4-0062097856
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFRggy%2BGRUGrUTKY36FHl0o%2BCC7Wi8nTcLMGqc0vUZusdE04VPCVExKzkUjeqIIeSu%2BWphuNsxqqUoW%2BDm1OXwIOdoJsRB2TbeSKmoy7WWAYjgCgsZRtMuQBa2VM2vzAitwSRQlnPlGvH37f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6e4bf274eeac83ba-MXP
access-control-allow-headers
Authorization
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.123.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-123-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6844d6dfde44c61c7bc52a4f958f110bbd8dad57ef644657edf4390f222a0861

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.123.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-123-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2b417f8a4f97106db46e30bb6be8a89ef5e6242afb361653f9cd1eda9abcab1e

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.123.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-123-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c527327dbe1f6fcc943a23c45c78cf92daa365a7f5f2226b395a5a5f787cc8a9

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbw_master_307825_11602.js
p.midserved.com/prebidlink/y19051/ Frame 152B 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.midserved.com/prebidlink/y19051/hbw_master_307825_11602.js
Requested by
Host: p.midserved.com
URL: https://p.midserved.com/prebidlink/19051/j.html?i=11602
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2d6127f59dc57a2ca1b84b10b0d9bb1fe794e8db40e055bf09c3f2d01ca3a287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.midserved.com/prebidlink/19051/j.html?i=11602
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 12:28:06 GMT
server
nginx
etag
W/"62138556-1221a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 28 Feb 2022 20:09:24 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2B51 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51895752&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		168 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=327684-499327

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 327684-499327/1551376
Connection
keep-alive
Content-Length
171644
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427002
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
hb_307825_11602.js
player.adtelligent.com/prebidlink/ex19052/ Frame 152B 		330 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19052/hb_307825_11602.js
Requested by
Host: p.midserved.com
URL: https://p.midserved.com/prebidlink/y19051/hbw_master_307825_11602.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6241d571e3bad2f2807788473918ed1078f5f9a2a2eb3754f4fb29ae97a7e0c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.midserved.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 17:59:11 GMT
server
nginx
etag
W/"620be9ef-5267f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 20:09:24 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ Frame 152B 		141 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.midserved.com
URL: https://p.midserved.com/prebidlink/y19051/hbw_master_307825_11602.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
48048b6601e63749eb014a1dd5c31c6cc8272f633cb53849a224783e34569015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.midserved.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.midserved.com
Date
Mon, 28 Feb 2022 19:09:24 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
Content-Length
141
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ Frame 152B 		43 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11602&full_page_url=https%3A%2F%2Fresistthemainstream.org&adid=72rs4t.kp&features=32&vpbv=N051&lifecycle_tte=108
Requested by
Host: p.midserved.com
URL: https://p.midserved.com/prebidlink/y19051/hbw_master_307825_11602.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.midserved.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.midserved.com
Date
Mon, 28 Feb 2022 19:09:24 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 1FEF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yh0d5P7IsX44Dy.LuvlNaAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsfy1Ou3PzBBQw5kB_4JDo&google_cver=1&gdpr=1&google_hm=2
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsfy1Ou3PzBBQw5kB_4JDo&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Feb 2022 19:09:24 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENsfy1Ou3PzBBQw5kB_4JDo&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1FEF 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yh0d5P7IsX44Dy-LuvlNaAAABIEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1FEF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh0d5P7IsX44Dy-LuvlNaAAABIEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh0d5P7IsX44Dy-LuvlNaAAABIEAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh0d5P7IsX44Dy-LuvlNaAAABIEAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7FJ211KT31DM8ACW4HV7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WJ8SEA1X9D41M8WRSYFT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh0d5P7IsX44Dy-LuvlNaAAABIEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1FEF 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1FEF
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1942a35-7f14-4560-8819-02790c427e89
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1942a35-7f14-4560-8819-02790c427e89
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Feb 2022 19:09:25 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:25 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=c1942a35-7f14-4560-8819-02790c427e89
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
noop
px.owneriq.net/ Frame 1FEF
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6993617641140796926&uid=Q6993617641140796926&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 28 Feb 2022 19:09:24 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame 1FEF
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92c8bd6a-e3cc-3b22-9ed5cb74
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92c8bd6a-e3cc-3b22-9ed5cb74
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Feb 2022 19:09:24 GMT

Redirect headers

date
Mon, 28 Feb 2022 19:09:24 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=92c8bd6a-e3cc-3b22-9ed5cb74
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 1FEF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9XrzEBp21NoLoE5&gdpr=1
43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9XrzEBp21NoLoE5&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Feb 2022 19:09:24 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:24 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-078691873e5d8cf91@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=9XrzEBp21NoLoE5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 1FEF 		0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1646075364389-977451507064-006288-015-000776&biddername=42&key=Yh0d5P7IsX44Dy.LuvlNaAAA%261153
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1646075364389-977451507064-006288-015-000776%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame A155 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb186a1f6fa05ffe11c4da318216b4daef595d918293424a7c3ce41796baf5f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53738
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9762
Expires
Tue, 01 Mar 2022 10:05:02 GMT
khaos.jpg
token.rubiconproject.com/ Frame A155 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		142 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=499328-644463

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 499328-644463/1551376
Connection
keep-alive
Content-Length
145136
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427002
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		125 KB
126 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=644464-772679

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 644464-772679/1551376
Connection
keep-alive
Content-Length
128216
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427002
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A155 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
382e2818ca015d35b02cd449aa60881d
Content-Type
image/gif
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		147 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=772680-923455

Response headers

Date
Mon, 28 Feb 2022 19:09:24 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 772680-923455/1551376
Connection
keep-alive
Content-Length
150776
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24427002
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=61182&t=1646075364&cip=193.27.14.10&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1646075364389-977451507064-006288-015-000776&cha=0.7&stagid=&stplid=&d35=&d36=6.1.6&cb=48545122943&cd1=4.131.1&cd4=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&cd5=default&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1646075364864&asid=6187a5a2beecd3492774a80b%2C6187a5a2f2ea41121e3cbd26%2C60ebfe94ebe867570438e997%2C60ebfe86a4a7792110515aa4%2C6187a5a23223786bb66bb49e%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.190.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-190-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D65A 		367 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124251
x-xss-protection
0
expires
Mon, 28 Feb 2022 19:09:24 GMT
bridge3.502.0_en.html
imasdk.googleapis.com/js/core/ Frame 8565 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Feb 2022 13:10:55 GMT
expires
Tue, 28 Feb 2023 13:10:55 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Feb 2022 23:41:21 GMT
content-type
text/html
age
21510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D65A 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Feb 2022 19:09:25 GMT
bridge3.502.0_en.html
imasdk.googleapis.com/js/core/ Frame 962C 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Feb 2022 13:10:55 GMT
expires
Tue, 28 Feb 2023 13:10:55 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Feb 2022 23:41:21 GMT
content-type
text/html
age
21510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.502.0_en.html
imasdk.googleapis.com/js/core/ Frame F77C 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Feb 2022 13:10:55 GMT
expires
Tue, 28 Feb 2023 13:10:55 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Feb 2022 23:41:21 GMT
content-type
text/html
age
21510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.502.0_en.html
imasdk.googleapis.com/js/core/ Frame 7E0D 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Feb 2022 13:10:55 GMT
expires
Tue, 28 Feb 2023 13:10:55 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Feb 2022 23:41:21 GMT
content-type
text/html
age
21510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.502.0_en.html
imasdk.googleapis.com/js/core/ Frame 1DE9 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Feb 2022 13:10:55 GMT
expires
Tue, 28 Feb 2023 13:10:55 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Feb 2022 23:41:21 GMT
content-type
text/html
age
21510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame D65A 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C290 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:12:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2B58 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:12:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E2A7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:12:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F152 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:12:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 40DD 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:12:25 GMT
iframe.html
player.adtelligent.com/prebid/ Frame D2C4 		243 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebid/iframe.html?adid=283988f3154bda2&ref=null
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457243/hbw_master_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c50be73ac605b62267126025fcebee57825d40a33ab06228762f233c84d231b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 29 Apr 2020 14:32:47 GMT
etag
W/"5ea9900f-f3"
cache-control
max-age=3600
content-encoding
gzip
expires
Mon, 28 Feb 2022 20:09:25 GMT
access-control-allow-origin
*
x-proxy-cache
HIT
uctag-rf.js
player.adtelligent.com/prebidlink/ Frame D2C4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/uctag-rf.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=283988f3154bda2&ref=null
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
026fbafe97b76ac68a95c9343184354a56815ca8ed2321f9dc3e3eb79ae12503

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/prebid/iframe.html?adid=283988f3154bda2&ref=null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 11:07:33 GMT
server
nginx
etag
W/"5f0d91f5-993"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 20:09:25 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
371.json
id5-sync.com/g/v2/ 		213 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
204fabb70a4c34f7230350657538cc17807f108b1d8bd1eb55ee08727debc777
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Mon, 28 Feb 2022 19:09:24 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B78 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=129400
expires
Wed, 02 Mar 2022 07:06:05 GMT
date
Mon, 28 Feb 2022 19:09:25 GMT
vary
Accept-Encoding
js
tags.mathtag.com/notify/ Frame A4A3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT0dabVpHRTFZMkl0T1RZMll5MHdaREF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTk5NzE0Nzg2NTQ5NzIzMTUvOTk2NjQ1Ni8xMDQ5NzQ2OS85L1pkZDNYdjZKZ3NEMmF4TWxqTllMeUlFRlRvbU0ybFpOWVdjZFJHajBlUTgvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU5OTcxNDc4NjU0OTcyMzE1L29yZC8wLzczNDEvMTUvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NjA3NTM2NC8xNjQ2MDc4OTY0LzkvMTcxODQv/UzE8E-0XXgVeOqqQ2YymQRABFdQ&nodeid=2675&group=ord&auctionid=6259971478654972315&shardkey=6259971478654972315&sid=10497469&cid=9966456&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=216.200.232.156&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.302.0 /
Resource Hash
7a914e6b7f93369a1438cd895fd34ae211a93feb4eecaca4ca26f300af869a7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:25 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1646075364
Last-Modified
Mon, 28 Feb 2022 19:09:24 GMT
Server
MMBD/3.302.0
x-mm-latency
218 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x85, ord-bidder-x329
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Mon, 28 Feb 2022 19:09:24 GMT
6987bab8-f9cd-4dbc-919e-f3d76d2664ae
beacon-iad3.rubiconproject.com/beacon/d/ Frame A4A3 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad3.rubiconproject.com/beacon/d/6987bab8-f9cd-4dbc-919e-f3d76d2664ae?oo=0&accountId=17184&siteId=163630&zoneId=2126352&sizeId=15&e=6A1E40E384DA563B41F25AE416F1E5B65CE60DD519CBDBD33346450569ADD3A8771EBEE7D2F8877F6081323DBC5B86B14623132DAA7D7AFE7A39B246691A783E9CDFDF529AB9A65C9AADAB5684D60938C4A7B3C476825045705823F3AE3AE3235D10C336A7500B897763C030CCC897C79488D16ADB2E6207392FC105C44B685217484A0970FD32C2538839A4E2EFCC9DAC8C19C12148EDBAE2354F67B36747DF02D40792869395F49D677943C0E40D175D8198F2A3BB546F
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:300::76 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:25 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
ck-confirm
tags.mathtag.com/ Frame A4A3
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT0dabVpHRTFZMkl0T1RZMll5MHdaREF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTk5NzE0Nzg2NTQ5NzIzMTUvOTk2NjQ1Ni8xMDQ5NzQ2OS85L1pkZD...
  • https://tags.mathtag.com/ck-confirm?bid_id=6259971478654972315&node_id=2675&exch_id=9
49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=6259971478654972315&node_id=2675&exch_id=9
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=283988f3154bda2&ref=null
Protocol
HTTP/1.1
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.302.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:25 GMT
Server
MMBD/3.302.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x106, ord-bidder-x329
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 28 Feb 2022 19:09:24 GMT

Redirect headers

Date
Mon, 28 Feb 2022 19:09:25 GMT
x-mm-bid-request-time
1646075364
Last-Modified
Mon, 28 Feb 2022 19:09:24 GMT
Server
MMBD/3.302.0
x-mm-latency
218 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://tags.mathtag.com/ck-confirm?bid_id=6259971478654972315&node_id=2675&exch_id=9
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x107, ord-bidder-x329
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Keep-Alive
timeout=360
Content-Length
85
Expires
Mon, 28 Feb 2022 19:09:24 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8565 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1450051125955382&sdkv=h.3.502.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3721417804&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.502.0&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&nel=0&eid=44736293%2C44738437&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&dt=1646075365725&cookie_enabled=1&scor=1029528228149364&ged=ve4_td2_tt1_pd2_la2000_er4620.320.4772.620_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 962C 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2363087052083161&sdkv=h.3.502.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2179158817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.502.0&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&nel=0&eid=44736293%2C44738437&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&dt=1646075365731&cookie_enabled=1&scor=868973047523730&ged=ve4_td2_tt1_pd2_la2000_er4620.320.4772.620_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F77C 		1 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=1918867246995153&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.502.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1166742729&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.502.0&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&nel=0&eid=44736293%2C44738437&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&dt=1646075365735&cookie_enabled=1&scor=4130180199792322&ged=ve4_td2_tt1_pd2_la2000_er4620.320.4772.620_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
551334ab1207b5331a130f3baa826d8d9e81334449ddc47af05dea48a1b8a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
845
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7E0D 		1 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=3634412547017408&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.502.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2758553450&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.502.0&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&nel=0&eid=44736293%2C44738437&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&dt=1646075365739&cookie_enabled=1&scor=2183000966913332&ged=ve4_td2_tt1_pd2_la2000_er4620.320.4772.620_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1c016d976f3fa68818025fc7a9526acde60c5970e4284f7009d240d6bc4994ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
843
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1DE9 		1 KB
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=2613897386390719&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.502.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2376058707&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.502.0&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&nel=0&eid=44736293%2C44738437&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&dt=1646075365745&cookie_enabled=1&scor=1286411592516627&ged=ve4_td2_tt1_pd2_la2000_er4620.320.4772.620_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3822490667d8b5f084147e84300d95efbcbbdd9aec4045f2d8ba5adb2fedd5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
844
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ugoxy02bc9a4
hal9000.redintelligence.net/zone/ Frame A4A3 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ugoxy02bc9a4?subid=&gdpr=0&gdpr_consent=&rnd=6259971478654972315&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dcbedbafdb6de4363861d9c544c8e612a57ee1761_15%26mt_aid%3D6259971478654972315%26mt_id%3D9966456%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_cid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F%26redirect%3D
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
cc869e20cfb50788075b9a50e4e25f2e50bba3b66abc517565ef1735638a80da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2960
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame A4A3 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=6259971478654972315&node_id=2675&exch_id=9
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT0dabVpHRTFZMkl0T1RZMll5MHdaREF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTk5NzE0Nzg2NTQ5NzIzMTUvOTk2NjQ1Ni8xMDQ5NzQ2OS85L1pkZDNYdjZKZ3NEMmF4TWxqTllMeUlFRlRvbU0ybFpOWVdjZFJHajBlUTgvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU5OTcxNDc4NjU0OTcyMzE1L29yZC8wLzczNDEvMTUvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NjA3NTM2NC8xNjQ2MDc4OTY0LzkvMTcxODQv/UzE8E-0XXgVeOqqQ2YymQRABFdQ&nodeid=2675&group=ord&auctionid=6259971478654972315&shardkey=6259971478654972315&sid=10497469&cid=9966456&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=216.200.232.156&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.302.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:26 GMT
Server
MMBD/3.302.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x29, ord-bidder-x329
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 28 Feb 2022 19:09:25 GMT
img
pixel.mathtag.com/event/ Frame A4A3 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=6259971478654972315&v3=1073227&v4=10497469&v5=9966456&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT0dabVpHRTFZMkl0T1RZMll5MHdaREF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTk5NzE0Nzg2NTQ5NzIzMTUvOTk2NjQ1Ni8xMDQ5NzQ2OS85L1pkZDNYdjZKZ3NEMmF4TWxqTllMeUlFRlRvbU0ybFpOWVdjZFJHajBlUTgvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU5OTcxNDc4NjU0OTcyMzE1L29yZC8wLzczNDEvMTUvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NjA3NTM2NC8xNjQ2MDc4OTY0LzkvMTcxODQv/UzE8E-0XXgVeOqqQ2YymQRABFdQ&nodeid=2675&group=ord&auctionid=6259971478654972315&shardkey=6259971478654972315&sid=10497469&cid=9966456&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=216.200.232.156&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4172 645ee8c master cdg-pixel-x26 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:25 GMT
Server
MT3 4172 645ee8c master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Feb 2022 19:09:24 GMT
img
tags.mathtag.com/event/ Frame A4A3 		49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=6259971478654972315&st=10497469&time=1646075365&nodeid=2675
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvT0dabVpHRTFZMkl0T1RZMll5MHdaREF4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNTk5NzE0Nzg2NTQ5NzIzMTUvOTk2NjQ1Ni8xMDQ5NzQ2OS85L1pkZDNYdjZKZ3NEMmF4TWxqTllMeUlFRlRvbU0ybFpOWVdjZFJHajBlUTgvMS85LzAvMC8xNzg3NTgyLzAvMjE1NTQzLzEwNzMyMjcvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjU5OTcxNDc4NjU0OTcyMzE1L29yZC8wLzczNDEvMTUvOTk5LzIvMjAwMTphYzg6MjA6MzAwOjovMC4wMDAvMTY0NjA3NTM2NC8xNjQ2MDc4OTY0LzkvMTcxODQv/UzE8E-0XXgVeOqqQ2YymQRABFdQ&nodeid=2675&group=ord&auctionid=6259971478654972315&shardkey=6259971478654972315&sid=10497469&cid=9966456&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=216.200.232.156&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.302.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:26 GMT
Server
MMBD/3.302.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x101, ord-bidder-x329
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 28 Feb 2022 19:09:25 GMT
request.php
hal900018.redintelligence.net/ Frame A4A3
Redirect Chain
  • https://hal900018.redintelligence.net/request.php?zone=ugoxy02bc9a4&nw=20&renderingType=javascript&namespace=82a0a885d3&subid=&uid=6f8b90fd8c574dc8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900018.redintelligence.net/request.php?zone=ugoxy02bc9a4&nw=20&renderingType=javascript&namespace=82a0a885d3&subid=&uid=6f8b90fd8c574dc8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=ugoxy02bc9a4&nw=20&renderingType=javascript&namespace=82a0a885d3&subid=&uid=6f8b90fd8c574dc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dcbedbafdb6de4363861d9c544c8e612a57ee1761_15%26mt_aid%3D6259971478654972315%26mt_id%3D9966456%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_cid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D283988f3154bda2%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=415877447871&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=283988f3154bda2&ref=null
Protocol
HTTP/1.1
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
963c4736e074f18b88a0f134bdf1b7a6e0c517d8829818054d10ab62877fed05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40565800237231804189731011884018
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
332
Expires
Mon, 28 Feb 2022 19:09:25 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:25 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=ugoxy02bc9a4&nw=20&renderingType=javascript&namespace=82a0a885d3&subid=&uid=6f8b90fd8c574dc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dcbedbafdb6de4363861d9c544c8e612a57ee1761_15%26mt_aid%3D6259971478654972315%26mt_id%3D9966456%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_cid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D283988f3154bda2%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=415877447871&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 28 Feb 2022 19:09:25 +0100
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=61182&t=1646075364&cip=193.27.14.10&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1646075364389-977451507064-006288-015-000776&cha=0.7&stagid=&stplid=&d35=&d36=6.1.6&cb=48545122943&cd1=4.131.1&cd4=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&cd5=default&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.190.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-190-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 28 Feb 2022 19:09:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.502.0_en.html
imasdk.googleapis.com/js/core/ Frame 21A5 		588 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Feb 2022 13:10:55 GMT
expires
Tue, 28 Feb 2023 13:10:55 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Feb 2022 23:41:21 GMT
content-type
text/html
age
21510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame D65A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 28 Feb 2022 19:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3796 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 18:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:12:25 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 21A5 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=539117138581101&sdkv=h.3.502.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=807932265&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.502.0&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&nel=0&eid=44736293%2C44738437&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&dlt=1646075363906&idt=2018&dt=1646075365950&cookie_enabled=1&scor=1280161964614688&ged=ve4_td2_tt1_pd2_la2000_er4620.320.4772.620_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F77C 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&adk=1166742729&cookie_enabled=1&correlator=1918867246995153&dt=1646075366038&ged=ve4_td2_tt1_pd2_la2000_er4620.320.5003.999_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.502.0&osd=2&scor=4130180199792322&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44736293%2C44738437&hl=en&frm=0&sdki=44d&sdkv=h.3.502.0&sdr=1&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal900018.redintelligence.net/ Frame 7A39 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=40565800237231804189731011884018&a=1c75cfac
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=ugoxy02bc9a4&nw=20&renderingType=javascript&namespace=82a0a885d3&subid=&uid=6f8b90fd8c574dc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dcbedbafdb6de4363861d9c544c8e612a57ee1761_15%26mt_aid%3D6259971478654972315%26mt_id%3D9966456%26mt_adid%3D215543%26mt_sid%3D10497469%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_cid%3D109b621d-1de5-4c01-8d84-0d9f8cfec773%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F6987bab8-f9cd-4dbc-919e-f3d76d2664ae%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D283988f3154bda2%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=415877447871&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
2b1253f33b7c02ab4068ad5b7d2c117f22f214f63804f00e8591a5cea60be5fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/

Response headers

Date
Mon, 28 Feb 2022 19:09:26 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 28 Feb 2022 19:09:26 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1526
Connection
close
Content-Type
text/html; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame 966A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=283988f3154bda2&ref=null
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Feb 2022 19:09:26 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 966A 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb186a1f6fa05ffe11c4da318216b4daef595d918293424a7c3ce41796baf5f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Feb 2022 19:52:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53736
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9762
Expires
Tue, 01 Mar 2022 10:05:02 GMT
/
track.adform.net/adfscript/ Frame 7A39 		747 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53457441;click=https%3A%2F%2Fhal900018.redintelligence.net%2Fc%2Fplyutnbq7410lya%3Ftprde%3D
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=40565800237231804189731011884018&a=1c75cfac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0e494cc16be10317bfde4b2339643049ee536117f767c661fb323cacee982994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
548
expires
-1
viewability
hal900018.redintelligence.net/ Frame 7A39 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=40565800237231804189731011884018&a=19a5a454&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=40565800237231804189731011884018&a=1c75cfac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=40565800237231804189731011884018&a=1c75cfac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
ads
pubads.g.doubleclick.net/gampad/ Frame 7E0D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&adk=2758553450&cookie_enabled=1&correlator=3634412547017408&dt=1646075366343&ged=ve4_td2_tt1_pd2_la2000_er4620.320.5003.999_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.502.0&osd=2&scor=2183000966913332&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44736293%2C44738437&hl=en&frm=0&sdki=44d&sdkv=h.3.502.0&sdr=1&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7A39 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53457441;click=https%3A%2F%2Fhal900018.redintelligence.net%2Fc%2Fplyutnbq7410lya%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 01 Mar 2022 22:49:49 GMT
multitracking
ghb.adtelligent.com/adunit/ Frame 356C 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/457243/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Mon, 28 Feb 2022 19:09:25 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
/
track.adform.net/adfserve/ Frame 7A39 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=53457441;click=https%3A%2F%2Fhal900018.redintelligence.net%2Fc%2Fplyutnbq7410lya%3Ftprde%3D;js=1;adfxid=1x;1008;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fresistthemainstream.org
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5b0d7463f8f6e66c4775477c67ca20a9435ebc11960973ade1022e0a41a5fd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1947
expires
-1
truncated
/ Frame 7A39 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame 7A39 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=40565800237231804189731011884018&a=1c75cfac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.65.99.88.clients.your-server.de
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 19:09:26 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 356C 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Mar 2022 19:09:26 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1DE9 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fdonald-trump-were-coming-backsomethings-gonna-happen%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=A97933D2-4DB3-4DFD-A6C3-53F2358E704B&adk=2376058707&cookie_enabled=1&correlator=2613897386390719&dt=1646075366558&ged=ve4_td3_tt2_pd3_la3000_er4620.320.5003.999_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.502.0&osd=2&scor=1286411592516627&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44736293%2C44738437&hl=en&frm=0&sdki=44d&sdkv=h.3.502.0&sdr=1&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 7A39 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 01 Mar 2022 22:50:03 GMT
/
track.adform.net/csimpr/ Frame 7A39 		35 B
478 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53457441&csi=wsuOGuJB8Q4Rp0GzGiWqtUnJfZsvw9T4iEe4QfD8vwDrygPkIxxfk6XzWdBml5Ru0rX-2lN-pABr7sEt2d10PN6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900018.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:26 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal900018.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
10942284.js
s1.adform.net/Banners/Elements/Files/160090/10942284/ Frame 7141 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/10942284.js?ADFassetID=10942284&bv=258
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8859dc3881ad416cb447b4fde1c98b1bd977be58268cf6c524c8e61e8cc770b6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
W/"6218fdc5-e22"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
syncframe
gum.criteo.com/ Frame 337B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=resistthemainstream.org
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2214
date
Mon, 28 Feb 2022 19:09:26 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 356C 		90 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:35 GMT
server
nginx
etag
W/"61f7a623-16685"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 01 Mar 2022 19:09:26 GMT
screen.css
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		1 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3f95deb0fb3f290cd173a75a6b1b39beb065821dd009451ac2cd847f638dffd6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
W/"6218fdc5-5ef"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/css
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 7141 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
introfill.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		117 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-75"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
117
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e876b5900cecd21791eef81d387ab73e8413e9d8d091f5bde4e21d7335a1d83
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:16 GMT
server
nginx
etag
"6218fdc4-1670"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5744
text1.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c609515abbf7b754b26ca2f25751186159da54269e7bbbda89db6355652dbb07
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:16 GMT
server
nginx
etag
"6218fdc4-3e07"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
15879
b1.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/b1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d9c2d3d15c40d77b0e466603aff3b13540e6fec4cb9d106b98a12db93f16f366
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-1bf3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7155
b2.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/b2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
620877d80966782d88b31255132304930531edd5d3792854f8dfc4816416dbf6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-1e99"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7833
b3.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/b3.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d59162941ab2c89197f8db7a428e791b24517825fe8b9de25c11a7699d2ea4e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-1fd2"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
8146
b4.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/b4.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f1a7c99a269bc09772a3aea64343e714ee4b8db6c7a5c9494e7b1aa2d115d64e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-1ec3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7875
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a7f660360f986830418098d593c35845d576cf1d16de89151f8c77266ee3164f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:16 GMT
server
nginx
etag
"6218fdc4-b36"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
2870
date.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8c5b28b6a34e7a768e0658ce1230677d79a109c9578c62c98c5961020c77f119
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:16 GMT
server
nginx
etag
"6218fdc4-779"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1913
cta.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2f44a459ede8be3dd24268f27949c06880929fc876716e3787b8f6a4ae0928eb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-78d"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
1933
logostart.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5f5cc14425f252a51538edf4a3e8eb842fc5f640a90e0e3a2b9856007aff50ef
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-1b03"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6915
logo.png
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94aea0bf6407c556d6403f2390af417fed122850cd2382a966b0bff02b839150
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-1084"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
4228
model.jpg
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bb6e08a8dc465aad8a234c6dfccd200a3dea506db71950bf63314cbcda13dc3d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:17 GMT
server
nginx
etag
"6218fdc5-9a68"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
39528
background.jpg
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2fec46d6c6cea091c5555a2d620711cf4729fadf608d437ad96d60ffccff9d29
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
last-modified
Fri, 25 Feb 2022 16:03:16 GMT
server
nginx
etag
"6218fdc4-1bee"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
7150
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 7141 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1635335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlcfyODEVaQTluAYZFrqYzoyy6DtSPAaFW0QOdrqEuuweZfuOWUr2rzAUcKg0aL2T3x4H%2F9yvTO02LI1Jd6m8LnJdyyFD%2B0I1GwvZKNCQWK5CkbwsdODQsSGkzBrZf%2FtZawKnQZ4aRH7of78gNyfIYTN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e4bf281ee6f3748-MXP
expires
Sat, 18 Feb 2023 19:09:26 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 7141 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4666304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=up2%2BjybhAlvjo%2BVHGFI8%2B1%2BpELgRhqAMqIrk1FosiXH0ZfIGZ0Vk90c37QLv0%2BqZik8rVzmhtRp7ngnVhj%2BAtC8xnth0oo4wCtmMgM2gnK%2BGJ7V91MZNNFLTldjrW%2B6cE1YwMaFoN35YXbUkQ%2BY7B9YH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e4bf281ee723748-MXP
expires
Sat, 18 Feb 2023 19:09:26 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 7141 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
251404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP0niSDbYPv12NuW4ZEFcsN%2FLNij%2BWZ5%2BrQpg5aOGJG%2Bcd4BIw4ZRkw8Z9Hpujs9c7vOWDTlpCxxWG71EzTLHB%2BvMY94ecfUDmwGXSknic0TNyHOAzlR30lFPTKEaLooTO66iGQ%2FPZZ1ltHM%2F3C%2BeNuJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e4bf281ee7b3748-MXP
expires
Sat, 18 Feb 2023 19:09:26 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/ Frame 7141 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10942284/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5a48114c3cbaa77fab95d9ce5e3e5ab0dbd1cc9e4caf700106dc4aa9beb904bb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 16:03:16 GMT
server
nginx
etag
W/"6218fdc4-21d1"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
sid
mug.criteo.com/ Frame 337B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=resistthemainstream.org&sn=ChromeSyncframe&so=0&topUrl=resistthemainstream.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=lc7_L3xyNnY2WUVOZTg4ZUR4VFg2M0lYOFV6TnI2MVRmMmFuRko1S2NobmNlNU1IRmVsOXFidG5PQ0tOL0g2MUtmZmZXNjNXKy95eW9QZG1WN0U4T000UmxDRzZqbktMRnF1K2dsRWRZTWxCY3o5eTF1ZHJJQ2JDaytsL3...
451 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lc7_L3xyNnY2WUVOZTg4ZUR4VFg2M0lYOFV6TnI2MVRmMmFuRko1S2NobmNlNU1IRmVsOXFidG5PQ0tOL0g2MUtmZmZXNjNXKy95eW9QZG1WN0U4T000UmxDRzZqbktMRnF1K2dsRWRZTWxCY3o5eTF1ZHJJQ2JDaytsL3pjc20weUVJbWcrQ3Q3MWpCdUNMaWtOZlpYYXphRUUvUmNhcFVhWXNXamZWdXFVc3VMa1J0MXpVNVBkR3p6cXkzdUhQVmFIbDJqUG5xMVhjUU9tQTM4eU9LL2g1RTdWUzg5MEYzb3JDSWJMV1plbVd0WWNsWklFUXltTDhqS2dremp0MzdjQzZhUFNjTi90a2RnaXhadDJ4RS9HNVFSMGNwWU9UbDJlVVNuOE1vNDVSQ0Jwbz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f720daad4fde31719222d7ada751fe7b993e3dbae04545eb5c76081967ca0a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:26 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4497
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:26 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=lc7_L3xyNnY2WUVOZTg4ZUR4VFg2M0lYOFV6TnI2MVRmMmFuRko1S2NobmNlNU1IRmVsOXFidG5PQ0tOL0g2MUtmZmZXNjNXKy95eW9QZG1WN0U4T000UmxDRzZqbktMRnF1K2dsRWRZTWxCY3o5eTF1ZHJJQ2JDaytsL3pjc20weUVJbWcrQ3Q3MWpCdUNMaWtOZlpYYXphRUUvUmNhcFVhWXNXamZWdXFVc3VMa1J0MXpVNVBkR3p6cXkzdUhQVmFIbDJqUG5xMVhjUU9tQTM4eU9LL2g1RTdWUzg5MEYzb3JDSWJMV1plbVd0WWNsWklFUXltTDhqS2dremp0MzdjQzZhUFNjTi90a2RnaXhadDJ4RS9HNVFSMGNwWU9UbDJlVVNuOE1vNDVSQ0Jwbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1829
content-length
567
expires
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		127 KB
128 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=923456-1053927

Response headers

Date
Mon, 28 Feb 2022 19:09:27 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 923456-1053927/1551376
Connection
keep-alive
Content-Length
130472
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24426999
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresistthemainstream.org%2F&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1741
date
Mon, 28 Feb 2022 19:09:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 356C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresistthemainstream.org%2F&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HPd85HxJeFJRS0FGV051NS8zREF2S2FVU2Y3QzlwdlpWSWpETTFCU1Jaa1dzRkpkZDNkQzV4WU5CNUhlV3M1b3R4QlJ5NmdaUTl3RDZreVZJVTlPdDJOSG5JR2tqNGRoc05BM0hsMHVKcU4rQUM0YWZiaHEyOVVrdVRPN0...
462 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HPd85HxJeFJRS0FGV051NS8zREF2S2FVU2Y3QzlwdlpWSWpETTFCU1Jaa1dzRkpkZDNkQzV4WU5CNUhlV3M1b3R4QlJ5NmdaUTl3RDZreVZJVTlPdDJOSG5JR2tqNGRoc05BM0hsMHVKcU4rQUM0YWZiaHEyOVVrdVRPN0laR1NjQ1krdUlWU1Z2bFNFWEpzQnhUVUxjQ0w1djhnRUJlYUg0OVBmdU5hcGt6VGRkbElBcWFxMkJxbVpDNHY3aW1FdVN0eTEwZVdNbHpCOGNJMWg1ZEdXdXFGS0NCZ0FlMWxjK3cxTS9aRlJhK05qU3g5aEtta0ZZd1QxYjl1QU51bWo5SUdPb0dMc0JDT0JxSWh2bjdMbzl4VG8rb0Z4TUlFWDdvdEFHZEMvK29vOHI4RT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
28356218c0e38e5b37377618ea97a909ae156786abe654381028d4cf191764b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3795
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
location
https://mug.criteo.com/sid?cpp=HPd85HxJeFJRS0FGV051NS8zREF2S2FVU2Y3QzlwdlpWSWpETTFCU1Jaa1dzRkpkZDNkQzV4WU5CNUhlV3M1b3R4QlJ5NmdaUTl3RDZreVZJVTlPdDJOSG5JR2tqNGRoc05BM0hsMHVKcU4rQUM0YWZiaHEyOVVrdVRPN0laR1NjQ1krdUlWU1Z2bFNFWEpzQnhUVUxjQ0w1djhnRUJlYUg0OVBmdU5hcGt6VGRkbElBcWFxMkJxbVpDNHY3aW1FdVN0eTEwZVdNbHpCOGNJMWg1ZEdXdXFGS0NCZ0FlMWxjK3cxTS9aRlJhK05qU3g5aEtta0ZZd1QxYjl1QU51bWo5SUdPb0dMc0JDT0JxSWh2bjdMbzl4VG8rb0Z4TUlFWDdvdEFHZEMvK29vOHI4RT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2167
content-length
567
expires
0
692.json
id5-sync.com/g/v2/ Frame 356C 		212 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19052/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
e37c289543df4e5843ff4038fbf54c0a9a38817fd5ab9d7b31bcac4d11faae89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Mon, 28 Feb 2022 19:09:27 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HPd85HxJeFJRS0FGV051NS8zREF2S2FVU2Y3QzlwdlpWSWpETTFCU1Jaa1dzRkpkZDNkQzV4WU5CNUhlV3M1b3R4QlJ5NmdaUTl3RDZreVZJVTlPdDJOSG5JR2tqNGRoc05BM0hsMHVKcU4rQUM0YWZiaHEyOVVrdVRPN0laR1NjQ1krdUlWU1Z2bFNFWEpzQnhUVUxjQ0w1djhnRUJlYUg0OVBmdU5hcGt6VGRkbElBcWFxMkJxbVpDNHY3aW1FdVN0eTEwZVdNbHpCOGNJMWg1ZEdXdXFGS0NCZ0FlMWxjK3cxTS9aRlJhK05qU3g5aEtta0ZZd1QxYjl1QU51bWo5SUdPb0dMc0JDT0JxSWh2bjdMbzl4VG8rb0Z4TUlFWDdvdEFHZEMvK29vOHI4RT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1028
date
Mon, 28 Feb 2022 19:09:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 5B78 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77219076&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
854c3bf78e313faae4d291e0139cd15e886539f00d4a70b0dab49f30bc7489b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 06F8 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=628DF1EE-372F-4038-B61C-BE7BB7B24661
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B3F2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug021:0:371
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Mon, 28 Feb 2022 19:09:28 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Mon, 28 Feb 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1638319
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame D668
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8890840999861779946
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8890840999861779946
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug006:0:951
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8890840999861779946
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 3B7C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&gdpr=0&gdpr_consent=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug015:0:446
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 28 Feb 2022 19:09:28 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4172 645ee8c master cdg-pixel-x28 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&gdpr=0&gdpr_consent=
Expires
Mon, 28 Feb 2022 19:09:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F5A5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7069839872328333465
42 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7069839872328333465
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug029:0:479
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 28 Feb 2022 19:09:28 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7069839872328333465
Pug
simage2.pubmatic.com/AdServer/ Frame E92B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh0d6AAJnSKgPwAy&gdpr=0&gdpr_consent=&_test=Yh0d6AAJnSKgPwAy
1 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh0d6AAJnSKgPwAy&gdpr=0&gdpr_consent=&_test=Yh0d6AAJnSKgPwAy
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug008:0:611
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yh0d6AAJnSKgPwAy&gdpr=0&gdpr_consent=&_test=Yh0d6AAJnSKgPwAy
accept-ranges
bytes
date
Mon, 28 Feb 2022 19:09:28 GMT
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1646075369.884836,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 602B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dY6sS_DMQBhKy2DWm_lbPcEbDgo
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dY6sS_DMQBhKy2DWm_lbPcEbDgo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:29 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug025:0:803
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 28 Feb 2022 19:09:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dY6sS_DMQBhKy2DWm_lbPcEbDgo
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 7A3B
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug013:2:741
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Mon, 28 Feb 2022 19:09:28 GMT
server
_
redir
rtb-csync.smartadserver.com/ Frame 26E5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSm5VN0VPandBQUhfcjVyWmxNdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGJnU7EOjwAAH_r5rZlMw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGJnU7EOjwAAH_r5rZlMw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGJnU7EOjwAAH_r5rZlMw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGJnU7EOjwAAH_r5rZlMw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-type
image/gif
date
Mon, 28 Feb 2022 19:09:28 GMT
transfer-encoding
chunked

Redirect headers

Date
Mon, 28 Feb 2022 19:09:29 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGJnU7EOjwAAH_r5rZlMw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
bridge
cm.adgrx.com/ Frame 9CDF 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 28 Feb 2022 19:09:28 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
pub
matching.truffle.bid/sync/ Frame B3B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.212.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.181.212.90.157.clients.your-server.de
Software
nginx/1.19.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.19.10
Date
Mon, 28 Feb 2022 19:09:28 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
i.match
s.tribalfusion.com/z/ Frame 1BA0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 28 Feb 2022 19:09:29 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e4bf290aeff5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 28 Feb 2022 19:09:29 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
960
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e4bf28f3a7e5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookiesync
core.iprom.net/ Frame 4EB8 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
leviathan-d259a0609b8f@version_1.378
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Mon, 28 Feb 2022 19:09:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FF47
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1646075368796
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5809824948
  • https://sync.1rx.io/usersync/tradedesk/e1fb2f6a-d869-4719-8236-54cc68fb9008
  • https://sync.targeting.unrulymedia.com/csync/RX-9c0fa485-a7cf-416e-9622-957f063085be-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9c0fa485-a7cf-416e-9622-957f063085be-003
42 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9c0fa485-a7cf-416e-9622-957f063085be-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug008:0:627
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9c0fa485-a7cf-416e-9622-957f063085be-003
etag
RX9c0fa485a7cf416e9622957f063085be003
dpe
ad4m.at/ad/ Frame 71C3 		15 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
max-age=43200, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
age
538283
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6e4bf28f2c120e12-MXP
Pug
image2.pubmatic.com/AdServer/ Frame 4C91
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ynG3Qx6BrjaXujvX9AUXYZkd
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ynG3Qx6BrjaXujvX9AUXYZkd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 28 Feb 2022 16:06:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0025:0:2690
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 28 Feb 2022 19:09:28 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ynG3Qx6BrjaXujvX9AUXYZkd
strict-transport-security
max-age=0; includeSubDomains;
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B28A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=697b1872-5620-43e3-990d-1542500e8859-tuct916a368&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=697b1872-5620-43e3-990d-1542500e8859-tuct916a368&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 28 Feb 2022 19:09:28 GMT
via
1.1 varnish
x-served-by
cache-hhn4061-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1646075369.887493,VS0,VE12
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=697b1872-5620-43e3-990d-1542500e8859-tuct916a368&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 28 Feb 2022 19:09:28 GMT
via
1.1 varnish
x-served-by
cache-mxp6931-MXP
x-cache
MISS
x-cache-hits
0
x-timer
S1646075369.800255,VS0,VE27
x-vcl-time-ms
27
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Yo3x7jcvQDi2HL57t7JGYQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=129397
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 02 Mar 2022 07:06:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=109b621d-1de5-4c01-8d84-0d9f8cfec773
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=109b621d-1de5-4c01-8d84-0d9f8cfec773
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 15:02:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 28 Feb 2022 19:09:28 GMT
Server
MT3 4172 645ee8c master cdg-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=109b621d-1de5-4c01-8d84-0d9f8cfec773
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 28 Feb 2022 19:09:27 GMT
mw
mwzeom.zeotap.com/ Frame 5B78
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=628DF1EE-372F-4038-B61C-BE7BB7B24661
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4df59dfedc7e39aaadec1ef742359417
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=e1fb2f6a-d869-4719-8236-54cc68fb9008&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=32bb70bf3a79a454
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b47eaef6-4cda-40ed-4479-bc5dd22c801d&reqId=0b4b9120-fdc4-4ffb-7c5b-e195b2389e47&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGXCzuoXuefI-IHH_HLFQWE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b47eaef6-4cda-40ed-4479-bc5dd22c801d&reqId=0b4b9120-fdc4-4ffb-7c5b-e19...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGXCzuoXuefI-IHH_HLFQWE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b47eaef6-4cda-40ed-4479-bc5dd22c801d&reqId=0b4b9120-fdc4-4ffb-7c5b-e195b2389e47&zcluid=32bb70bf3a79a454&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6e4bf2934ae9f917-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGXCzuoXuefI-IHH_HLFQWE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b47eaef6-4cda-40ed-4479-bc5dd22c801d&reqId=0b4b9120-fdc4-4ffb-7c5b-e195b2389e47&zcluid=32bb70bf3a79a454&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMf2TEKmDBCS97AV_1jZgK0&google_cver=1
42 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMf2TEKmDBCS97AV_1jZgK0&google_cver=1
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 13:39:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:461
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMf2TEKmDBCS97AV_1jZgK0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5B78 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 27 Feb 2022 19:09:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4167049332457013070
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4167049332457013070
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4167049332457013070
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1fb2f6a-d869-4719-8236-54cc68fb9008
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1fb2f6a-d869-4719-8236-54cc68fb9008
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1fb2f6a-d869-4719-8236-54cc68fb9008
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4503125521303474865&gdpr=0&gdpr_consent=
42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4503125521303474865&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:827
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:28 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
19a74c7e-244b-48ee-a1a2-225c22916424
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4503125521303474865&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WYCQGV7WxE5CgJJPDIGMH1-HwhhCisRIXIst08XB
42 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WYCQGV7WxE5CgJJPDIGMH1-HwhhCisRIXIst08XB
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:2281
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WYCQGV7WxE5CgJJPDIGMH1-HwhhCisRIXIst08XB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
628DF1EE-372F-4038-B61C-BE7BB7B24661
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5B78 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/628DF1EE-372F-4038-B61C-BE7BB7B24661?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:9290:fe02:2ee8:2378 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=628DF1EE-372F-4038-B61C-BE7BB7B24661&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=628DF1EE-372F-4038-B61C-BE7BB7B24661&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vFJNCNE2uXKXvGbWxo8HwYYUwff0f4-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vFJNCNE2uXKXvGbWxo8HwYYUwff0f4-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.vFJNCNE2uXKXvGbWxo8HwYYUwff0f4-~A&gdpr=0&gdpr_consent=
date
Mon, 28 Feb 2022 19:09:28 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=fb426a21-f691-4e49-8f65-32ad8ddf3b1e&expires=3&user_group=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:29 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug025:0:541
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ae09e449-bcfe-4f13-b5e3-4abc1202ef0b&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 28 Feb 2022 19:09:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7203241715059479037&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7203241715059479037&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:385
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7203241715059479037&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d63e0548-6ff8-42f2-a062-ebe80d3bb5fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d63e0548-6ff8-42f2-a062-ebe80d3bb5fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:457
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d63e0548-6ff8-42f2-a062-ebe80d3bb5fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 28 Feb 2022 19:09:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 5B78 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=628DF1EE-372F-4038-B61C-BE7BB7B24661&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:468
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Feb 2022 19:09:28 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4503125521303474865
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4503125521303474865
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:352
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 28 Feb 2022 19:09:28 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0fa55566-7aaf-40a5-967b-d881f2f74e5c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4503125521303474865
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5B78 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 19:09:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=61182&t=1646075364&cip=193.27.14.10&sn=&tgt=0&osv=10&bv=98.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1646075364389-977451507064-006288-015-000776&cha=0.7&stagid=&stplid=&d35=&d36=6.1.6&cb=48545122943&cd1=4.131.1&cd4=9d27763f-d737-4ef9-83f3-8fb95ad91f7c&cd5=default&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.190.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-190-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 28 Feb 2022 19:09:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		146 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=1053928-1241927

Response headers

Date
Mon, 28 Feb 2022 19:09:31 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1053928-1241927/1551376
Connection
keep-alive
Content-Length
188000
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=24426995
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.viglink.com
URL
https://api.viglink.com/api/ping

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| vglnk function| gtag object| dataLayer object| OneSignal string| jnews_ajax_url function| _0x5c17bc function| _0x1c00 function| _0x30ff object| jnews object| jnewsDataStorage object| _wpemojiSettings function| admiral object| googletag object| PDFObject undefined| $ function| jQuery object| google_tag_manager object| ldAdInit object| google_tag_data object| gaGlobal object| jnews_module_51990_0_621cf0155b04a number| HYVOR_TALK_WEBSITE object| HYVOR_TALK_CONFIG boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16460753625086 function| vglnk_16460753625087 object| twemoji object| wp object| _ldAdIdMap string| HYVOR_TALK_DOMAIN object| jnews_module_51990_1_621cf0156191c object| jfla boolean| jQueryScriptOutputted function| initJQuery object| addComment function| EvEmitter function| imagesLoaded object| jnewsoption object| lazySizesConfig object| lazySizes function| Waypoint object| html5 object| Modernizr object| tve_dash_front object| TVE_Dash object| jnews_select_share boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| tcb_post_lists object| TL_Const object| hyvorTalkCommentCount object| rtm object| omapi_data function| onYouTubeIframeAPIReady number| progressTimer object| _mgIntExchangeNews object| MarketGidInfC1149360 function| MarketGidCContextBlock1149360 function| MarketGidCMainBlock1149360 function| MarketGidCInternalExchangeBlock1149360 function| MarketGidCRejectBlock1149360 function| MarketGidCInternalExchangeLoggerBlock1149360 function| MarketGidCObserverBlock1149360 function| MarketGidCSendDimensionsBlock1149360 function| MarketGidCRtbBlock1149360 function| MarketGidCContentPreviewBlock1149360 function| MarketGidCResponsiveBlock1149360 boolean| mg_loaded_720235_1149360 function| 4dm1r11545242527 object| MarketGidInfC1156929 function| MarketGidCContextBlock1156929 function| MarketGidCMainBlock1156929 function| MarketGidCInternalExchangeBlock1156929 function| MarketGidCRejectBlock1156929 function| MarketGidCInternalExchangeLoggerBlock1156929 function| MarketGidCObserverBlock1156929 function| MarketGidCSendDimensionsBlock1156929 function| MarketGidCRtbBlock1156929 function| MarketGidCDiscountBlock1156929 function| MarketGidCContentPreviewBlock1156929 boolean| mg_loaded_720235_1156929 object| MarketGidInfC1261872 function| MarketGidCContextBlock1261872 function| MarketGidCMainBlock1261872 function| MarketGidCInternalExchangeBlock1261872 function| MarketGidCRejectBlock1261872 function| MarketGidCInternalExchangeLoggerBlock1261872 function| MarketGidCObserverBlock1261872 function| MarketGidCSendDimensionsBlock1261872 function| MarketGidCRtbBlock1261872 function| MarketGidCDiscountBlock1261872 function| MarketGidCContentPreviewBlock1261872 boolean| mg_loaded_720235_1261872 function| OptinMonsterApp boolean| om_loaded object| udm_ads_queue boolean| udm_edge_init object| _qoptions object| _qevents object| onClickExcludes function| mgReject1149360 function| mgLoadAds1149360_17cee function| MarketGidCReject1149360 function| MarketGidLoadGoods1149360_17cee function| mgReject1156929 function| mgLoadAds1156929_11452 function| MarketGidCReject1156929 function| MarketGidLoadGoods1156929_11452 function| mgReject1225368 function| mgLoadAds1225368_11452 function| MarketGidCReject1225368 function| MarketGidLoadGoods1225368_11452 function| quantserve function| __qc object| ezt function| qtrack object| _mgq function| _mgqp number| _mgqt number| _mgqi function| mgReject1261872 function| mgLoadAds1261872_043fc function| MarketGidCReject1261872 function| MarketGidLoadGoods1261872_043fc function| udm_r3Chunk object| udm_r3 object| _pbjsGlobals function| endedHandler function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint720235 string| _mgPvid boolean| _mgPageView720235 boolean| i.js.loaded boolean| i-noref.js.loaded function| _mgLib1_11_85 function| _mgwqp object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| __EXCO string| pbPageIdentifier function| Hls function| av_sciv_hndlr1646075364102 object| storageAni object| ADAGIO object| _ADAGIO number| google_global_correlator object| closure_lm_948169

109 Cookies

Domain/Path Name / Value
resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen Name: quads_browser_width
Value: 1600
resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen Name: exco-uid
Value: otgw5sk54iyuefmf
.mgid.com/ Name: __cf_bm
Value: L1HW8GpQhbAyDZzbGiCz9btyNcojnloVEsvfrSMGhkQ-1646075362-0-AbAsKPidPVzFUWfGSNe4ErcwjvIcghahRkTndvKGML1DBVedGh+1iiwkEK1+oJMx3LJM/De7lMPceD2VPrSf+Jk=
.resistthemainstream.org/ Name: _ga_MHSJPPB6JE
Value: GS1.1.1646075362.1.0.1646075362.0
.resistthemainstream.org/ Name: paywall_product
Value: false
.resistthemainstream.org/ Name: _ga
Value: GA1.2.370238428.1646075362
.resistthemainstream.org/ Name: _gid
Value: GA1.2.1785420726.1646075363
.resistthemainstream.org/ Name: _gat
Value: 1
.udmserve.net/ Name: dt
Value: 7E7A979D-B004-36FD-8BC7-36761B82A907
.adnxs.com/ Name: uuid2
Value: 4503125521303474865
resistthemainstream.org/ Name: udmsrc
Value: %7B%22utm_source%22%3A%22telegram%22%7D
.resistthemainstream.org/ Name: _awl
Value: 2.1646075363.0.5-60b2b95e1b60ca40144e9ee56ae3f642-6763652d6575726f70652d7765737431-0
.quantserve.com/ Name: mc
Value: 621d1de3-232c3-b05ce-8e539
.resistthemainstream.org/ Name: __qca
Value: P0-1084276924-1646075363126
.resistthemainstream.org/ Name: _admrla
Value: 2.2-431dcb095e84933b-f07185b6-98c9-11ec-8170-01f162d0180a
.technoratimedia.com/ Name: tads_uid
Value: GDPR
servicer.mgid.com/ Name: __mglb
Value: f093cb96f37842cf40d0daae92270708
.mgid.com/ Name: muidn
Value: m1snRx0xOE9b
.udmserve.net/ Name: apnid
Value: 4503125521303474865
resistthemainstream.org/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1149360%22%3A%7B%22page%22%3A1%2C%22time%22%3A1646075363289%7D%2C%22C1156929%22%3A%7B%22page%22%3A1%2C%22time%22%3A1646075363435%7D%2C%22C1261872%22%3A%7B%22page%22%3A1%7D%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 628DF1EE-372F-4038-B61C-BE7BB7B24661
.doubleclick.net/ Name: IDE
Value: AHWqTUkX6mruUH_DWMu7mdnzTkLOMznvRPL-Ij1qhWrwRZzXACEEG-yMN6HbcNsRh9U
.pubmatic.com/ Name: PUBMDCID
Value: 3
.udmserve.net/ Name: udmts
Value: 1646075364.0
.udmserve.net/ Name: pmid
Value: 628DF1EE-372F-4038-B61C-BE7BB7B24661
.aniview.com/ Name: aniC
Value: 1646075364389-977451507064-006288-015-000776
resistthemainstream.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.resistthemainstream.org/ Name: _pubcid
Value: 6a296de3-7bf4-43af-8e29-813c1a883684
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AP/DeGKrexJW5rZQ
.casalemedia.com/ Name: CMID
Value: Yh0d5P7IsX44Dy.LuvlNaAAA
.casalemedia.com/ Name: CMPS
Value: 3219
.casalemedia.com/ Name: CMPRO
Value: 1153
.w55c.net/ Name: wfivefivec
Value: 9XrzEBp21NoLoE5
.w55c.net/ Name: matchcasale
Value: 5
.owneriq.net/ Name: si
Value: Q6993617641140796926
.owneriq.net/ Name: p2
Value: cc
.brand-display.com/ Name: _knxq_
Value: 92c8bd6a-e3cc-3b22-9ed5cb74.1646075364.0.1646075364.1646075364
.aniview.com/ Name: 2_C_42
Value: Yh0d5P7IsX44Dy.LuvlNaAAA&1153
sync.aniview.com/ Name: 2_C_42
Value: Yh0d5P7IsX44Dy.LuvlNaAAA&1153
.rubiconproject.com/ Name: khaos
Value: L072RSBL-N-EH7F
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxLV0rrqkYgpmbRHKV/Y9AOYB3Biw5iW/3oEYu0+y2W/JNyxWWbqPGquw+MSO6WgXZHqWYKwlXfq1bEW+5NPoou8JhsHlJbldDe9ZF34Hh/LsaZr5ZVxLWDe
.casalemedia.com/ Name: CMRUM3
Value: bf621d1de4276092c8bd6a-e3cc-3b22-9ed5cb74&e6621d1de42760&98621d1de52760c1942a35-7f14-4560-8819-02790c427e89&1f621d1de405a00&2d621d1de42760CAESENsfy1Ou3PzBBQw5kB_4JDo&2f621d1de427609XrzEBp21NoLoE5&27621d1de40b40&f1621d1de405a0
.casalemedia.com/ Name: CMST
Value: Yh0d5GIdHeUA
resistthemainstream.org/ Name: hbmp_cap_h
Value: eyJydWJpY29uX293IjoxfQ==
resistthemainstream.org/ Name: hbmp_cap_d
Value: eyJydWJpY29uX293IjoxfQ==
.mathtag.com/ Name: uuid
Value: 109b621d-1de5-4c01-8d84-0d9f8cfec773
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 54580e52f4959033
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4167049332457013070
.criteo.com/ Name: uid
Value: c97352be-c80f-41fc-b20f-e27ce461e18d
.resistthemainstream.org/ Name: cto_bundle
Value: 7-F3vF9BYWZXOFNRTlZhOXdjU0xQbiUyRjJkcG02VVBjdlJEb0lRdTF3TVlBNVZUcUJJN1pFOGRWbkR2MGxtVHdEVTRyM1BBU1NMWTJiZGRyNzJtRVFTYm9JTSUyRlQ0M3I3Z29zQzRoSllhTVl5aHk1JTJGcGVVd3VyVlZFJTJGWUNqMzd3NVJYJTJCZDRUMUhIeUY2MWw4WEpKQkJQUmVMejBLQU5XSUttcnVRRWVvOHVGSndZWUtZJTNE
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 158901:4
.pubmatic.com/ Name: DPSync3
Value: 1647216000%3A201_197_219%7C1646092800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1646870400%3A63%7C1648598400%3A203%7C1647216000%3A7_71_22_55_176_21_234_166_204_230_165_54_243_8_238_88_13_220_161_3_81_233_99_222_56%7C1646611200%3A15_2_223%7C1647302400%3A35
.quantserve.com/ Name: d
Value: EKMBCwHGJfijAA
.adfarm1.adition.com/ Name: UserID1
Value: 7069839872328333465
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-WYCQGV7WxE5CgJJPDIGMH1-HwhhCisRIXIst08XB&KRTB&19420-WYCQGV7WxE5CgJJPDIGMH1-HwhhCisRIXIst08XB&KRTB&22979-WYCQGV7WxE5CgJJPDIGMH1-HwhhCisRIXIst08XB
.adsrvr.org/ Name: TDID
Value: e1fb2f6a-d869-4719-8236-54cc68fb9008
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~23hv
.onaudience.com/ Name: cookie
Value: 32bb70bf3a79a454
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMf2TEKmDBCS97AV_1jZgK0&KRTB&16514-CAESEMf2TEKmDBCS97AV_1jZgK0&KRTB&23025-CAESEMf2TEKmDBCS97AV_1jZgK0
.erne.co/ Name: u
Value: ynG3Qx6BrjaXujvX9AUXYZkd
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4503125521303474865&KRTB&23339-4503125521303474865
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-ynG3Qx6BrjaXujvX9AUXYZkd
.simpli.fi/ Name: suid
Value: 24392FAD15204BF4BC7D3B4D433ED08C
.turn.com/ Name: uid
Value: 7203241715059479037
.pubmatic.com/ Name: SPugT
Value: 1646060556
.de17a.com/ Name: guid2
Value: 1.8890840999861779946
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7069839872328333465
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e1fb2f6a-d869-4719-8236-54cc68fb9008&KRTB&22918-e1fb2f6a-d869-4719-8236-54cc68fb9008&KRTB&23031-e1fb2f6a-d869-4719-8236-54cc68fb9008
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4167049332457013070&KRTB&23263-4167049332457013070
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&KRTB&16736-uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&KRTB&23019-uid:109b621d-1de5-4c01-8d84-0d9f8cfec773&KRTB&23208-uid:109b621d-1de5-4c01-8d84-0d9f8cfec773
.adsby.bidtheatre.com/ Name: __kuid
Value: d63e0548-6ff8-42f2-a062-ebe80d3bb5fb.415289368
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7203241715059479037
.yahoo.com/ Name: A3
Value: d=AQABBOgdHWICEGxB8odndtgvORsYxXzGq3YFEgEBAQFvHmInYgAAAAAA_eMAAA&S=AQAAAqiU8Xoh62R9zz-J8Zww1oY
ads.playground.xyz/ Name: connect.sid
Value: s%3ALCCAmv5Ni5g4Oc0idUZbL-rOE7VjqHMO.cuvv4u4gWXavdntD1QmzL8Lkksg8tpGNi1IouPn7DE8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9c0fa485-a7cf-416e-9622-957f063085be-003%22%2C%22nxtrdr%22%3Afalse%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yh0d6AAJnSKgPwAy
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8890840999861779946
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yh0d6AAJnSKgPwAy&KRTB&22978-Yh0d6AAJnSKgPwAy&KRTB&23194-Yh0d6AAJnSKgPwAy&KRTB&23209-Yh0d6AAJnSKgPwAy
.bidr.io/ Name: bito
Value: AAGJnU7EOjwAAH_r5rZlMw
.bidr.io/ Name: bitoIsSecure
Value: ok
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9c0fa485-a7cf-416e-9622-957f063085be-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-9c0fa485-a7cf-416e-9622-957f063085be-003
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 4df59dfedc7e39aaadec1ef742359417
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj0tIeI_L29OhAFGAEgASgCMgsI8reOt5K-vToQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects219
Value: 1
.bidswitch.net/ Name: tuuid
Value: ae09e449-bcfe-4f13-b5e3-4abc1202ef0b
.bidswitch.net/ Name: c
Value: 1646075369
.bidswitch.net/ Name: tuuid_lu
Value: 1646075369
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-758eac4b-f0cc-4018-4acb-60d69bf95b3d.UbFEWDv6O5vkOq2AO2%2F8te7J5TTMpxITVZFlFHOGJzI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AdY6sS_DMQBhKy2DWm_lbPcEbDgo.u17%2BCpFf1kKvgMJVO5r85NQ2FnwlZ7IWTuoDr%2FdjP%2F4
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-dY6sS_DMQBhKy2DWm_lbPcEbDgo
.pubmatic.com/ Name: PugT
Value: 1646075369
.tribalfusion.com/ Name: ANON_ID
Value: aHnsIHolXVjQuWx7J3gGS16prOtCLZca1ZdqT92sZbrkFjcMNSl6w22yBdVpHguSSupPVdQqZdWFjK8KbjjsYdAB4obW
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2d9ee9af52e5c07c
.zeotap.com/ Name: zc
Value: b47eaef6-4cda-40ed-4479-bc5dd22c801d
.zeotap.com/ Name: zsc
Value: %D0e%C5%19%2B%40%87Y%BD%02%CC%40%03TO.NA%C4%1F%2F%D0%EEo%9B%BE%8E%05%0B%0F%0E%CB%1Bx8%ECF19o%FC%EC%0B%E9%10Km%E6%8B%7B%09%25Y%5D%25%1D%E9%2C%BAe%A8f%EF%01h%CB%8C%E8s%3B%1B%15%0A~%BF%265%A0Ja%06r%03
.pswec.com/ Name: tuuid
Value: fb426a21-f691-4e49-8f65-32ad8ddf3b1e
.pswec.com/ Name: c
Value: 1646075369
.pswec.com/ Name: tuuid_lu
Value: 1646075369
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ae09e449-bcfe-4f13-b5e3-4abc1202ef0b

3 Console Messages

Source Level URL
Text
javascript error URL: https://resistthemainstream.org/donald-trump-were-coming-backsomethings-gonna-happen/?utm_source=telegram
Message:
Access to XMLHttpRequest at 'https://api.viglink.com/api/ping' from origin 'https://resistthemainstream.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.viglink.com/api/ping
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.tribalfusion.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
api.viglink.com
atrack.avplayer.com
beacon-iad3.rubiconproject.com
bh.contextweb.com
bid.underdog.media
bidder.criteo.com
c.mgid.com
c1.adform.net
cdn.contentspread.net
cdn.mgid.com
cdn.viglink.com
cdn1.decide.dev
cdn2.lockerdomecdn.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
core.iprom.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fearlessfaucet.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
green.erne.co
gum.criteo.com
hal9000.redintelligence.net
hal900018.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
jsc.mgid.com
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mcd.ex.co
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
p.midserved.com
p.skimresources.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
player.adtcdn.com
player.adtelligent.com
player.aniview.com
player.avplayer.com
player.ex.co
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
premiumsrv.aniview.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.owneriq.net
r.skimresources.com
research.adtelligent.com
resistthemainstream.org
rtb-csync.smartadserver.com
rtb.adxpremium.services
rules.quantcount.com
s-img.mgid.com
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.pswec.com
t.skimresources.com
tag.targeting.unrulymedia.com
tags.mathtag.com
talk.hyvor.com
token.rubiconproject.com
track.adform.net
track1.aniview.com
trc.taboola.com
udmserve.net
um.simpli.fi
ups.analytics.yahoo.com
video-native.mgid.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
api.viglink.com
104.109.78.125
104.111.242.53
104.154.142.214
104.19.133.78
104.19.135.78
104.36.113.35
142.250.181.226
144.76.91.199
146.59.148.16
148.251.121.152
151.101.130.132
151.101.193.44
151.101.2.49
151.139.128.11
157.90.212.181
159.122.14.34
172.217.18.98
178.250.0.157
178.250.2.131
178.250.2.151
178.62.202.251
185.184.8.65
185.29.134.244
185.29.134.245
185.33.220.242
185.33.221.89
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.83.70.67
193.122.128.135
195.5.165.20
198.148.27.140
198.47.127.20
199.187.193.185
2.16.186.139
2.18.233.180
2.18.233.201
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
209.54.180.144
213.155.156.180
213.19.147.43
213.19.147.44
216.52.2.30
23.88.75.188
2600:9000:2156:5800:9:d7ff:bd00:93a1
2600:9000:2156:be00:8:48e:53c0:93a1
2600:9000:2156:c00:6:44e3:f8c0:93a1
2600:9000:2156:de00:a:cbb7:a940:93a1
2600:9000:2156:f800:5:c4ab:c3c0:93a1
2602:803:c002:300::76
2602:803:c002:300::99
2606:4700:10::6816:1957
2606:4700:20::681a:256
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:4514
2606:4700::6810:135e
2606:4700::6810:a40d
2606:4700::6812:272
2606:4700::6812:c05
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2006
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00::210:bb21
2a02:fa8:8806:12::1400
2a03:90c0:41:2801::254
2a04:4e42:400::300
2a05:d018:d29:3605:9290:fe02:2ee8:2378
2a06:98c1:3121::7
2a0c:5c81:5142::2
3.126.56.137
3.33.220.150
34.102.253.54
34.111.151.213
34.194.95.81
34.196.42.166
34.232.190.145
35.172.57.251
35.190.59.101
35.190.62.199
35.190.91.160
35.201.67.47
35.211.178.172
37.157.2.248
37.157.3.28
37.157.3.30
45.133.44.3
45.133.44.4
5.178.65.245
52.17.84.146
52.206.128.29
52.58.249.203
52.59.123.232
52.71.142.200
54.166.244.71
54.174.213.70
54.247.43.164
54.36.109.46
66.155.71.150
68.71.249.118
69.173.144.139
69.173.151.100
72.251.245.181
85.114.159.118
88.99.219.174
88.99.65.215
89.187.169.47
94.23.171.206
026fbafe97b76ac68a95c9343184354a56815ca8ed2321f9dc3e3eb79ae12503
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
068aeb055e0bf258841870f1ee9acee5542e02515b935af0702ad1bc41afb656
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e494cc16be10317bfde4b2339643049ee536117f767c661fb323cacee982994
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
16e834b5ad20a091f05e1f51cfeacfbb7b1496f6562ec40b07d36f3bdcd1cb77
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a5a4e7ead41f845ca2cbddf2f32eddf7da97bef12f3fde0d9c34ba9ff5eb9ce
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1c016d976f3fa68818025fc7a9526acde60c5970e4284f7009d240d6bc4994ac
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
200c18ab1aafcc509954085bdaff91dc6893fd31ebddf2fefd03f7172f34035e
204fabb70a4c34f7230350657538cc17807f108b1d8bd1eb55ee08727debc777
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730
21d84c2b7e2a8737088609a106ca4bab5a3906ddb000d742eb02c65a89330fd7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28356218c0e38e5b37377618ea97a909ae156786abe654381028d4cf191764b0
285255ce3c314fd1960fc834e5ebdfce15638c5d94d06dc02d15611317d7f284
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b1253f33b7c02ab4068ad5b7d2c117f22f214f63804f00e8591a5cea60be5fd
2b417f8a4f97106db46e30bb6be8a89ef5e6242afb361653f9cd1eda9abcab1e
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2d6127f59dc57a2ca1b84b10b0d9bb1fe794e8db40e055bf09c3f2d01ca3a287
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
2f44a459ede8be3dd24268f27949c06880929fc876716e3787b8f6a4ae0928eb
2fec46d6c6cea091c5555a2d620711cf4729fadf608d437ad96d60ffccff9d29
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451
30aa166058d8b384b8f9c5b6a95fd417f61ed571092d20a31f2efbf39bf0a8eb
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca
33904ff5ff29013c63e5c4fadda0fdad8ae7b8d045cd416ecb6a967b311d66d7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
3822490667d8b5f084147e84300d95efbcbbdd9aec4045f2d8ba5adb2fedd5c7
38ad74927dffa428f88472c101c2d2f1fd943032ccdea08170ab2391c0f4c2a9
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec0bab1fb5f5a09834d9d0c5903e0eb2ec5b71033eb38df02f17da8fd6ba177
3ecec3b87a5d0fe83d52d888dee09f38692ca42ae9e615024ad29bd531decbc2
3f95deb0fb3f290cd173a75a6b1b39beb065821dd009451ac2cd847f638dffd6
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
4368af2afa82ef7a4b538d9366ab8b34d2097a49b3efda85ad1c8e2f7d95cc44
4790652cf038086703be6bbb9395ae5a8549b412f19cdf26123cb574dfabbd67
48048b6601e63749eb014a1dd5c31c6cc8272f633cb53849a224783e34569015
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715
4df205daa27bd528ad0d5084dc795c884959614cbed0fc636548303a6db0e03e
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
507ce7426c190c3d954909e634c514914c57d3f311fc022b560260614b596196
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3
53d5074fbb1ecbf910cc728c5577c7e47659ad48e753d627d2cc5b8d89c534dd
551334ab1207b5331a130f3baa826d8d9e81334449ddc47af05dea48a1b8a68a
55f59dd90093c465f7c024b2affcd4a8e492a5b6dbeb8c6d5cf10e7ac41aa6f6
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
5a48114c3cbaa77fab95d9ce5e3e5ab0dbd1cc9e4caf700106dc4aa9beb904bb
5b0d7463f8f6e66c4775477c67ca20a9435ebc11960973ade1022e0a41a5fd76
5be9b0d52e3137b77ee3f8766bb49308988f72ad3b7c9e17dabf71b2b04e760f
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57
5f5cc14425f252a51538edf4a3e8eb842fc5f640a90e0e3a2b9856007aff50ef
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
620877d80966782d88b31255132304930531edd5d3792854f8dfc4816416dbf6
6241d571e3bad2f2807788473918ed1078f5f9a2a2eb3754f4fb29ae97a7e0c4
6461659d02c2802ad7e6d383f39dae8b87d48bd991c58bb8d022736fe10a892d
64a3b3e2b1b75a5f221ab70d016f85b0b94da670c2e046fa9db4dabdf39189e9
6532bafa66bd560b6732137e8be1c98ad393b41097b963a9ab389b2dc13eaf49
65772f5d2029b3f616d43c8beedcdb2d4add3cda1d1068e761dfbf966fd4d6af
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
6844d6dfde44c61c7bc52a4f958f110bbd8dad57ef644657edf4390f222a0861
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f
6a75650c7041b3d96cf76b88cbbceb38dde933724ecdf328d39f2a399758062d
6bb52e9e8b38f3082a411231c7e1f7adaf6fd0a2b14583c3b87e2ef7174b47bf
6c248d880f26dcd44ab9a0416174be27cc41a52979d92fc3de0ece05635f2190
6cf370a81e8f9d7ca9f8e9a1239935432d4537acb7fc1e3acda3a0cfe9127c57
6e4e6f4910d3e428204e31dbbf96a2cab11b126b1afe87a99987954bbcceb3c3
6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
75f0ee9647c1d9d516b44634223490e49b2bb6271347aa0659882cf97cf28776
769968d586489050b97c345679dc9d6f2121a1c26c368c939ef6d0894a8025b0
76c034c998a2469296576b723761d19ed465bec2b0121f3d1d388d681b946a07
76e0bd45add7e97d531583fc2c296ce699eeeccdebd54f2eaa0741aa00eb63c4
777ed778de6f8fc2f1d332610998bf45a8c9c4601ea0f96c91ec92052708f6f6
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a914e6b7f93369a1438cd895fd34ae211a93feb4eecaca4ca26f300af869a7a
7ab0b8f156bb89777d7d3ff99671f3208ebd57c1ce949080138bce2efef451d6
7d59162941ab2c89197f8db7a428e791b24517825fe8b9de25c11a7699d2ea4e
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
854c3bf78e313faae4d291e0139cd15e886539f00d4a70b0dab49f30bc7489b0
85e57ced3122083f92a90dd169ea322ecb5d88b2ac67b402f4e4e9299de9955a
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8859dc3881ad416cb447b4fde1c98b1bd977be58268cf6c524c8e61e8cc770b6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8c5b28b6a34e7a768e0658ce1230677d79a109c9578c62c98c5961020c77f119
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
905f21e793431ae9e5a08c2cf17e68ab165be8f450056efd3912ea782c0a3e77
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94aea0bf6407c556d6403f2390af417fed122850cd2382a966b0bff02b839150
95c403c0e7b683d08745c0e18f2a881be0f5b329da5aff039642f73048f3168a
963c4736e074f18b88a0f134bdf1b7a6e0c517d8829818054d10ab62877fed05
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9966fc9c928cba02ffd2d23487340ed1ef61fcdc3dc91b825a94f7bb0cdaad13
9a6368cbde5fc5d0400edfff0f9e0321ee577b0144d0692d9aab0fece4b30f58
9a76630aeb16240e83f630491860681c35ec807a778524dafd8841013388cdd7
9e876b5900cecd21791eef81d387ab73e8413e9d8d091f5bde4e21d7335a1d83
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
a01112d5832bbd7d26eb685f85ac8f08ccfee867655af37bc0a1c6ad915afd71
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a31739109b56731f390e9402cd18555d39b91dea833fe3bb9a9b33d6e8236172
a340cf95db4ccd0957a3dfd1abdca7217f188dbe8c952ea06c6b67f41bf25be1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7f660360f986830418098d593c35845d576cf1d16de89151f8c77266ee3164f
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bacdb6fe76362ca53bce31ce973a45dcbd5189ff897a79cf5a970c9c487f52e9
bb6e08a8dc465aad8a234c6dfccd200a3dea506db71950bf63314cbcda13dc3d
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6
be9c1a0581c5b3c6f104e4198ac8fac9dd9353e1ae9fbe752b932370d71c93db
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c20fe9d4c0e22c732315f2653bde49b230ad9111f4f2c0ab0b8e913b70f785b8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ba31791ed596963078a181cd695f2073bd4f13fceeacf1d33e61f448a4d52c
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c50be73ac605b62267126025fcebee57825d40a33ab06228762f233c84d231b9
c527327dbe1f6fcc943a23c45c78cf92daa365a7f5f2226b395a5a5f787cc8a9
c609515abbf7b754b26ca2f25751186159da54269e7bbbda89db6355652dbb07
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c9074b438586a9313e096606a3e7e150b254bfe157e13efc9e845666dbb50567
c9d707a25d2ab9309dffd9f178afd49d6a4c3af28f2bca34b691795e979fc570
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca58561193cd33a489a451411d1f6a1a3b32c07a137a708e095f8673139f9dc9
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc869e20cfb50788075b9a50e4e25f2e50bba3b66abc517565ef1735638a80da
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbfb77a8ec93c492ddb23650915dc98fd562a4e7c1071dc18194f78933ff4d1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1a23c00181a7f87de086516f293446345eeb9dc5e73d073d871eee35316e8a3
d261a9b38d6d7f322d7fa906d61b29231350cf8ce1b86c2a545a09b5317e3283
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
d9c2d3d15c40d77b0e466603aff3b13540e6fec4cb9d106b98a12db93f16f366
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661
dcb2b0d9a945dbe88c1f7455461eb16c036cf2b73795f5c3543cdf83ef239164
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf4c3c61f37cebe65a05b7ce7119447d0f7bd0e1ae0a1a684d9a0674aa7a163
de2bfe8aff9acf9909a1a5efd95f485445e488625d1f76e1498e6e15f14a0558
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e37c289543df4e5843ff4038fbf54c0a9a38817fd5ab9d7b31bcac4d11faae89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e540517dfce921b944da3766a59a12cae0377cec8093722006850d8c6e1c2039
e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314
e8bbe246240dce91a77a3fa18fdf91ebbdaad9823dfa9b200f8139a4a728623d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eee29f9060c4e41346e99035b27d15d16f1fb8434048dd5ccd3828b9454711d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1b25368702c79276c9784d88d8e762101568cf7cc6ce32c74ff2f19413ad3b
f0afef710cb6cd3d2104ad56a3d3aa1f7ac54441adbc87a6dcfe2c44bcb9afd9
f1a7c99a269bc09772a3aea64343e714ee4b8db6c7a5c9494e7b1aa2d115d64e
f290448e48925282619c9b0c7a2ac2157dc23bfd21f0ea9c17619e506ba14000
f51346f56c67f29e6f48595a158e6cee206c65764fc7ae111eeb6ecff2e7d941
f5d672ca755debf01121747cb27245811fe8d4477515548828af441bb75fef3a
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
f720daad4fde31719222d7ada751fe7b993e3dbae04545eb5c76081967ca0a19
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f
fa3840ee550368f0214e8d48346c920935f68d352a683adac71c442202121b2d
fb186a1f6fa05ffe11c4da318216b4daef595d918293424a7c3ce41796baf5f7
fb73059294eac68cdcebfab256eee625a837fcb65f481e5e3ce7f873e094b275
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2
fc36001176809c54fe050368b70394598595dae41be3d65fcf4b940c2a6b8fed
fc5a03b9f1e266f741abc0057ddbf100813b5d83dec56cfd6735018fc478e152
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd
fca07f51c4cfeca53dd6ee70c1eb966e9c94ddbdc0ece16a121f02a3f5426811
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fce9eceabf0f92db3bc63f0decee2504a49c5b89706f748f7098b6eeff79109c
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869