www.truthfinder.com Open in urlscan Pro
2606:4700::6812:6081 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.mg.truthfinder.com/c/eJyUkctuo0oQhp8G747VFxrohRd2CNhO7BwzCZjeRPQN43QDMjgYnn7EzGj2syqpVPr1ffXLFVTcg3ChVtAHPkYeIXChbF...
Effective URL:
https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
Submission: On February 07 via manual (February 7th 2024, 5:51:53 pm UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 19 domains to perform 77 HTTP transactions. The main IP is 2606:4700::6812:6081, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.truthfinder.com. The Cisco Umbrella rank of the primary domain is 89549.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2023. Valid for: a year.

This is the only time www.truthfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.110.180.34 34.110.180.34	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.227.225.220 35.227.225.220	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 11	2606:4700::68... 2606:4700::6812:6081	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700:20:... 2606:4700:20::ac43:44d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	23.213.165.149 23.213.165.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	52.213.96.109 52.213.96.109	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:1ff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
17	2606:4700::68... 2606:4700::6812:1d9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	52.35.146.114 52.35.146.114	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
77	28

1 34.110.180.34 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.180.110.34.bc.googleusercontent.com

email.mg.truthfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.225.220 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 220.225.227.35.bc.googleusercontent.com

e.customeriomail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:6081 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.truthfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.truthfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.truthfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:44d6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.96.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-96-109.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
directory.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1ff8 (United States)

ASN13335 (CLOUDFLARENET, US)

api2.truthfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6812:1d9b (United States)

ASN13335 (CLOUDFLARENET, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.35.146.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-146-114.us-west-2.compute.amazonaws.com

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	audioeye.com wsmcdn.audioeye.com — Cisco Umbrella Rank: 6626 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 4676 analytics.audioeye.com — Cisco Umbrella Rank: 5239	412 KB
13	truthfinder.com 2 redirects email.mg.truthfinder.com www.truthfinder.com — Cisco Umbrella Rank: 89549 static.truthfinder.com — Cisco Umbrella Rank: 573201 api2.truthfinder.com — Cisco Umbrella Rank: 154035	1 MB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6518 ampcid.google.de — Cisco Umbrella Rank: 80806	996 B
4	google.com www.google.com — Cisco Umbrella Rank: 2 ampcid.google.com — Cisco Umbrella Rank: 2967 region1.analytics.google.com — Cisco Umbrella Rank: 2616	1 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2947 tr.outbrain.com — Cisco Umbrella Rank: 2812 wave.outbrain.com — Cisco Umbrella Rank: 2909	9 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 trc.taboola.com — Cisco Umbrella Rank: 646 trc-events.taboola.com — Cisco Umbrella Rank: 2085	24 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
3	gstatic.com fonts.gstatic.com	60 KB
3	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 10885	68 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 12071 directory.cookieyes.com — Cisco Umbrella Rank: 13911	419 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	210 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5512	288 B
1	siftscience.com cdn.siftscience.com — Cisco Umbrella Rank: 9656	21 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2633	258 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	873 B
1	customeriomail.com 1 redirects e.customeriomail.com — Cisco Umbrella Rank: 61670	202 B
77	19

	Domain	Requested by
16	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
6	static.truthfinder.com	www.truthfinder.com static.truthfinder.com
5	analytics.audioeye.com	wsv3cdn.audioeye.com
5	www.google-analytics.com	www.truthfinder.com www.google-analytics.com
4	www.truthfinder.com	1 redirects www.truthfinder.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.de	www.truthfinder.com
3	cdn-cookieyes.com	www.googletagmanager.com cdn-cookieyes.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.truthfinder.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	trc-events.taboola.com	cdn.taboola.com
2	api2.truthfinder.com	static.truthfinder.com
2	www.google.com	www.truthfinder.com
2	tr.outbrain.com	amplify.outbrain.com
2	www.googletagmanager.com	www.truthfinder.com www.googletagmanager.com
1	ampcid.google.de	www.google-analytics.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	hexagon-analytics.com
1	directory.cookieyes.com	cdn-cookieyes.com
1	wsmcdn.audioeye.com	www.truthfinder.com
1	cdn.siftscience.com	www.truthfinder.com
1	vc.hotjar.io	script.hotjar.com
1	trc.taboola.com	cdn.taboola.com
1	script.hotjar.com	static.hotjar.com
1	log.cookieyes.com	cdn-cookieyes.com
1	wave.outbrain.com	amplify.outbrain.com
1	static.hotjar.com	www.truthfinder.com
1	amplify.outbrain.com	www.truthfinder.com
1	cdn.taboola.com	www.truthfinder.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	www.truthfinder.com
1	e.customeriomail.com	1 redirects
1	email.mg.truthfinder.com	1 redirects
77	34

This site contains no links.

Subject Issuer	Validity	Valid
truthfinder.com Cloudflare Inc ECC CA-3	`2023-06-30` - `2024-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.siftscience.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-01-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-14`	a year	crt.sh
directory.cookieyes.com Amazon RSA 2048 M03	`2024-02-02` - `2025-03-03`	a year	crt.sh
wsv3cdn.audioeye.com E1	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.hexagon-analytics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-27` - `2024-11-03`	a year	crt.sh
report-prod.audioeye.com Amazon RSA 2048 M02	`2023-09-17` - `2024-10-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
Frame ID: 8BC24C91E4C17A0EA2EFF1081544524F
Requests: 72 HTTP requests in this frame

Frame: https://www.truthfinder.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 716417EE970FD00E3298EFE8B71C1C8B
Requests: 2 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=7fd6359
Frame ID: 4B5BB226F9054CEADCAAB43AE4291C01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TruthFinder - Loginclose carousel

Page URL History Show full URLs

https://email.mg.truthfinder.com/c/eJyUkctuo0oQhp8G747VFxrohRd2CNhO7BwzCZjeRPQN43QDMjgYnn7EzGj2syqpVPr1ffXLFV... HTTP 302
https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVDM2Z1lCQU8zZF9RZnMzZjBIQVkyRWw3Qjg5czR3ZksxRy1Kc3pV... HTTP 302
https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

99 %
HTTPS

55 %
IPv6

19
Domains

34
Subdomains

28
IPs

5
Countries

2409 kB
Transfer

9068 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.mg.truthfinder.com/c/eJyUkctuo0oQhp8G747VFxrohRd2CNhO7BwzCZjeRPQN43QDMjgYnn7EzGj2syqpVPr1ffXLFVTcg3ChVtAHPkYeIXChbFGZz0quZPmOvTLfrN-w_DzpDmuwXefo2fibgHbuoF9g_N--mz5KB4cODheXVQAAkBgU1EMSuIS6okAIU88vfK-gPllU_5C6_AsFHBfYctnf7v1FV7VUt6Vo7MKsLn3fdg5eOyhyUKSW4t71jVW3qpkl5qN57aBIzHPcG55FLY9oy5523s4mdRoeEIPm6fQRTCyiCasPE7tudqf0a0yyAZ-uJRFTgtlX90hG-CJwm7IJ0F01VMV2b1g151yA3G6mtyr4llji1zoZ5TlpmDV3Fqfjqz1-8x-040i2_EqhjKEWiEJhj-b_czLmGZnO24_hEO6QPCf9GUHDYgP5O_zD-4CHcD0e6xTwlF7zDA55Zmp-hSPL9i2PH5qFz9Xr077ldWKEJRf-yy_HLHsejjYyh_AEcpR-sTixLFzjmZ_H5l7A3784XMWkTw6KAldhRDzsQSo1DUSgYEAkAdLXvqCSuEXgcoJpobkkVCgYYBhoqBF3FeGuv7itYtXcSrXsbNVf5uL6Zdl8_wwAAP__y_nDkQ HTTP 302
https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVDM2Z1lCQU8zZF9RZnMzZjBIQVkyRWw3Qjg5czR3ZksxRy1Kc3pVZz09IiwiaHJlZiI6Imh0dHBzOi8vd3d3LnRydXRoZmluZGVyLmNvbS9sb2dpbj91dG1fc291cmNlPXRyYW5zXHUwMDI2dXRtX21lZGl1bT1lbWFpbFx1MDAyNnV0bV9jYW1wYWlnbj1yZWJpbGxfZDEiLCJpbnRlcm5hbCI6ImY3ZWEwNmFlMDQ0Y2VkZGRmZDA3IiwibGlua19pZCI6MjczfQ/84e32563619df98c8e185d50d7f7c9d54a84b539afbd59ce18318f1f2b4e5b47 HTTP 302
https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.truthfinder.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.truthfinder.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.truthfinder.com/
Redirect Chain

https://email.mg.truthfinder.com/c/eJyUkctuo0oQhp8G747VFxrohRd2CNhO7BwzCZjeRPQN43QDMjgYnn7EzGj2syqpVPr1ffXLFVTcg3ChVtAHPkYeIXChbFGZz0quZPmOvTLfrN-w_DzpDmuwXefo2fibgHbuoF9g_N--mz5KB4cODheXVQAAkBgU1E...
https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVDM2Z1lCQU8zZF9RZnMzZjBIQVkyRWw3Qjg5czR3ZksxRy1Kc3pVZz09IiwiaHJlZiI6Imh0dHBzOi8vd3d3LnRydXRoZmluZGVyLmNvbS9sb2dpbj91dG1fc291cmNlPXRyYW5zXHUwMDI2...
https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

4 KB
3 KB

809ms
746ms

Document
text/html

2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109dd2c715577a0588491f5cad5d43ee9523ffe94f16fe74dbfa29f2d01c6226

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 851d7b9c4a15914a-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 07 Feb 2024 17:51:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
date: Wed, 07 Feb 2024 17:51:46 GMT
location: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 3 KB
873 B 74ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,400i,700

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a13948d267d26dd35406b5c6b1fe280c6cf29638ad4a08046d975d43dc8efce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 17:46:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:51:47 GMT

GET
H2 200 vendors.f9d8b084b6ecf8690152.css
static.truthfinder.com/ 13 KB
4 KB 111ms
92ms Stylesheet
text/css 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.truthfinder.com/vendors.f9d8b084b6ecf8690152.css

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6492a3b1665cc1a24c4ce9069553ac8773ece4b1a3c06961a081a5b7014932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
x-guploader-uploadid: ABPtcPrUm5_6Z1cqrWLwgWMWoKjy3bv_vCPzrSKlMp97TVRG8ra-G0MmXZCGHAYfCDcq3Pe_Phn7gmtJeQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 06 Feb 2024 20:31:49 GMT
server: cloudflare
etag: W/"6c2960eba32fdd600d314f66faeb5666"
vary: Accept-Encoding
x-goog-hash: crc32c=5lU9Tg==, md5=bClg66Mv3WANMU9m+utWZg==
x-goog-generation: 1701371575346982
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 12900
cf-ray: 851d7ba149f1914a-FRA
expires: Wed, 07 Feb 2024 21:51:47 GMT

GET
H2 200 app.86583c5738a1aaf0ab30.css
static.truthfinder.com/ 68 KB
11 KB 239ms
220ms Stylesheet
text/css 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.truthfinder.com/app.86583c5738a1aaf0ab30.css

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91aff0cdbd879b258060c7ccc35af0324d8946b06d002a124414ccb0ea9f9dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
x-guploader-uploadid: ABPtcPprEr7xoqPFP3YoY_rKQWM_Lj21En-TZX7f85hIwLOhJWzoW_Oo9is134hTDUW4OEA-XmW1ewgWZw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 06 Feb 2024 20:30:46 GMT
server: cloudflare
etag: W/"9671d0dab04e24c203faf64dd79437ad"
vary: Accept-Encoding
x-goog-hash: crc32c=EowGyg==, md5=lnHQ2rBOJMID+vZN15Q3rQ==
x-goog-generation: 1705435571300369
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 69325
cf-ray: 851d7ba149f4914a-FRA
expires: Wed, 07 Feb 2024 21:51:47 GMT

GET
H2 200 vendors.f5effd795604b093cc7e.js Show response
static.truthfinder.com/ 5 MB
1 MB 137ms
129ms Script
application/javascript 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.truthfinder.com/vendors.f5effd795604b093cc7e.js

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b73bd7a720e57dd639fd9045cfb9c2983e87ff6dc83d790832a0435af7d7d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
x-guploader-uploadid: ABPtcPoQlfbS8jmjFOdokDvW1XafNe1feKfc5j5m_Z2fy91sJT6nxVXjnLhkYE2eM1Gh0tkiOD0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 06 Feb 2024 20:31:48 GMT
server: cloudflare
etag: W/"faca3d38a64e5bcfcf19e7fe875b6908"
vary: Accept-Encoding
x-goog-hash: crc32c=pBaBvw==, md5=+so9OKZOW8/PGef+h1tpCA==
x-goog-generation: 1707242495562784
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 4987406
cf-ray: 851d7ba149f6914a-FRA
expires: Wed, 07 Feb 2024 21:51:47 GMT

GET
H2 200 app.18d4a43062dd7cd31f3f.js Show response
static.truthfinder.com/ 1 MB
326 KB 278ms
271ms Script
application/javascript 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.truthfinder.com/app.18d4a43062dd7cd31f3f.js

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

120a29c90607e3621809457addfc82d1cce72abf483194a36af7978f70c83392

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
x-guploader-uploadid: ABPtcPpGjz4q7hVTr6uABMank3aDQetSlGydQ1Q9jNzOz4Ms0FPGqXurmgSAasrylDV82ZH_QnWsePzkXQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 06 Feb 2024 20:30:45 GMT
server: cloudflare
etag: W/"c5a2cda5c5399b8fc087df4e2382d42d"
vary: Accept-Encoding
x-goog-hash: crc32c=7yit1g==, md5=xaLNpcU5m4/Ah99OI4LULQ==
x-goog-generation: 1707251445923845
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1207420
cf-ray: 851d7ba149f8914a-FRA
expires: Wed, 07 Feb 2024 21:51:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 457 KB
125 KB 117ms
69ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NX5MS5P

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b06d4caec36c7144a825172f664888fa55c5df391985c549e237be5ceebf370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127926
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 17:12:39 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 17:51:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 17:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 218
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 07 Feb 2024 19:48:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
150 B 26ms
25ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2062148624&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&ul=en-us&de=UTF-8&dt=TruthFinder%20Account%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=collection&ea=choose&el=truthfinder&_u=IEBAAEABAAAAACAAI~&jid=499096867&gjid=910214562&cid=215500941.1707328307&tid=UA-57330407-1&_gid=2124684253.1707328307&_r=1&_slc=1&z=1975056644

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.truthfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 18ms
18ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2062148624&t=pageview&_s=2&dl=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&ul=en-us&de=UTF-8&dt=TruthFinder%20Account%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=215500941.1707328307&tid=UA-57330407-1&_gid=2124684253.1707328307&z=330508865

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 19:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82030
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 78ms
26ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-57330407-1&cid=215500941.1707328307&jid=499096867&gjid=910214562&_gid=2124684253.1707328307&_u=IEBAAEAAAAAAACAAI~&z=99562332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Feb 2024 17:51:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.truthfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/817470613/ 3 KB
2 KB 106ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/817470613/?random=1707328307570&cv=11&fst=1707328307570&bg=ffffff&guid=ON&async=1&gtm=45He4250v77142822za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&hn=www.googleadservices.com&frm=0&tiba=TruthFinder%20Account%20Login&npa=0&pscdl=noapi&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX5MS5P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ce20796e26a2c1973a5135073a26a3f64c303c3c235eac8061f6b8175a4fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1285
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 89ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX5MS5P

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 07 Feb 2024 17:51:47 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A032BF19DC35458CB0CF1C1777A22F91 Ref B: FRA31EDGE0115 Ref C: 2024-02-07T17:51:47Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/ 93 KB
35 KB 96ms
51ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX5MS5P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ef1fc98e2723a3a8b84963802d429d4dc8218e458096b6c4ba2ea0b0506396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 00:38:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 55530
etag: W/"1751e-60e8ca77bad06-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuZMByq2T%2BRxtk3I7h67PW2WZEGzQbuy9E6g1BuaJxDKpyw95RxXNI2o9TmNt6MYn9hakcFYKW%2BSDrbNy31x61uJ31kdQ8xne6Veg%2Fxx4zqDMVq4yb2D9DWBNKoR%2ByUP0op6pEWL%2BEPfirbLzBVS"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 851d7ba2adf75b62-FRA

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1036046/ 69 KB
21 KB 113ms
35ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1036046/tfa.js
Requested by: Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09cdac512af81a51aeae4dcc7d4adcca2d8874b3e43b81fb23073c07659ca680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: nc4Fi51sPr2pRHiB6WHALxS7kt.Zmwby
content-encoding: gzip
via: 1.1 varnish
date: Wed, 07 Feb 2024 17:51:47 GMT
x-amz-request-id: PDK5287QKNZZYQ05
age: 75
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21513
x-amz-id-2: 7r/G2TFJOSKBBMUZccKT40QT5La6sZJqq25LDK6fDDfJ3G4aa8CAvHNarIkg/H/vP/wnBBjxI4Y=
x-served-by: cache-fra-etou8220097-FRA
last-modified: Sun, 04 Feb 2024 11:02:33 GMT
server: AmazonS3
x-timer: S1707328308.677985,VS0,VE2
etag: "f7902ea3f8918fff8e710b4ba1c08f1b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 26 KB
8 KB 63ms
18ms Script
application/x-javascript 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:51:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2023 13:05:28 GMT
Server: AkamaiNetStorage
ETag: "928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7779
Expires: Wed, 07 Feb 2024 18:11:47 GMT

GET
H2 200 hotjar-99782.js Show response
static.hotjar.com/c/ 9 KB
4 KB 102ms
53ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-99782.js?sv=6

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

f98ba81ee2004feeab06856d610987055f04bb37412030c3011f5f478a17b318

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 17:51:47 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/3703da19a47a952df758568bbb5e54a7
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: VnIQuNBjn--5CdGYmd7jGPSvmPnFDgjW8mBiOJGyE7XAf7gG3-o-IA==

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 443ms
112ms Ping
image/gif 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=05024554148168441&referrer=&cht=gtm&marketerId=006b04dcec0fce3fb293a585706e0c174b&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:51:48 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: b546950565e806b1f77d65d0d8cf5761
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 444ms
113ms Script
application/javascript 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=006b04dcec0fce3fb293a585706e0c174b

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 128b550cce24aae3f32ad21761e1bb47
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 006b04dcec0fce3fb293a585706e0c174b Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 65ms
18ms Script
text/html 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/006b04dcec0fce3fb293a585706e0c174b

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Wed, 07 Feb 2024 17:51:47 GMT
ob-sent-time: 1707287078974
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: eb4fa144fb60450ed463e5048fda8fac
Content-Length: 22
Expires: Wed, 07 Feb 2024 17:52:47 GMT

GET
H2 204 4053030.js Show response
bat.bing.com/p/action/ 0
118 B 45ms
45ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4053030.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 07 Feb 2024 17:51:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DBA23BF19C44B64BE3D1C1F28A216CC Ref B: FRA31EDGE0115 Ref C: 2024-02-07T17:51:47Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 101ms
101ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4053030&tm=gtm002&Ver=2&mid=1c234e82-f8b1-40e6-91d7-ac155a2b0c87&sid=907123d0c5e111ee840dd91e2e49cce1&vid=907129b0c5e111ee91c419b71a24dcb5&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=TruthFinder%20Account%20Login&p=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&r=&evt=pageLoad&sv=1&rn=211824

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 07 Feb 2024 17:51:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 504E9B21CE7D4548BF902DF8DBA6BD3B Ref B: FRA31EDGE0115 Ref C: 2024-02-07T17:51:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 142ms
45ms Ping
text/plain 52.213.96.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.96.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-96-109.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryd2CNBmPp4nZ65ScM

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 17:51:47 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/ 93 KB
33 KB 36ms
35ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd611e485659d744bbbf77375a0546a1b68c446e3cf9f5e6d641ab0ac42edcaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 00:38:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52286
etag: W/"174dd-60e8ca77bad06-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNViZb43hhoujvrXci8bkmwWoepxNGsyScBQ0gS5DemgfFogCL4fPzJJ2C%2BCJiEBlSbUh2MzHcpfxfrqSBGsaCHGAkYzcxcCOJq8UvS5BahLTuSZ%2Fh5d3UEorSGO5GT0ANSkMM3U8acO0lwaoP%2FH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 851d7ba31eaf5b62-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/817470613/ 42 B
455 B 90ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/817470613/?random=1707328307570&cv=11&fst=1707325200000&bg=ffffff&guid=ON&async=1&gtm=45He4250v77142822za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&frm=0&tiba=TruthFinder%20Account%20Login&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_PJ0LFXLh3BSBChLCu-MbmvFNmbQT6w&random=862849285&rmt_tld=0&ipr=y

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/817470613/ 42 B
455 B 74ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/817470613/?random=1707328307570&cv=11&fst=1707325200000&bg=ffffff&guid=ON&async=1&gtm=45He4250v77142822za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&frm=0&tiba=TruthFinder%20Account%20Login&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_PJ0LFXLh3BSBChLCu-MbmvFNmbQT6w&random=862849285&rmt_tld=1&ipr=y

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.fd7a1c20a85f7a95e5ff.js Show response
script.hotjar.com/ 218 KB
55 KB 111ms
26ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fd7a1c20a85f7a95e5ff.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-99782.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 452141
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55316
last-modified: Fri, 02 Feb 2024 12:16:01 GMT
etag: "253d3ab37754a78a185ec9d668fb77c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ATZTV9ixYueGQwH4-385DMNHGLy5D3si83twk_Isrl7NZn7ggnugTQ==

GET
H2 200 json Show response
trc.taboola.com/1036046/trc/3/ 2 KB
2 KB 86ms
73ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1036046/trc/3/json?tim=1707328307711&data=%7B%22id%22%3A942%2C%22ii%22%3A%22%2Flogin%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1707328307699%2C%22cv%22%3A%2220240201-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.truthfinder.com%2Flogin%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dthecontrolgroup-truthfinder-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1707328307710%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1036046/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fc6c17f2311e65dd0c6666bf4aafa2c2da51aac9b7de733b019658dea4aa90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms: 21
date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.3096875
x-fastly-to-nlb-rtt: 7372
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-etou8220097-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1707328308.750928,VS0,VE21
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 204 events
api2.truthfinder.com/v1/ Frame 0
0 241ms
174ms Preflight 2606:4700::6811:1ff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.truthfinder.com/v1/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1ff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: api-key,app-id,content-type
Access-Control-Request-Method: POST
Origin: https://www.truthfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Api-Key,App-Id,App-Version,Device-Id,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Reason,Comment
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.truthfinder.com
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 851d7ba48f49921d-FRA
date: Wed, 07 Feb 2024 17:51:48 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 google

GET
H2 200 LoginView.chunk.4b7e346cf8aea9155b60.css
static.truthfinder.com/ 1 KB
1 KB 164ms
164ms Stylesheet
text/css 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.truthfinder.com/LoginView.chunk.4b7e346cf8aea9155b60.css

Requested by

Host: static.truthfinder.com
URL: https://static.truthfinder.com/app.18d4a43062dd7cd31f3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adbfba5f941fe9a542f2ecf0eb76e2a603ef02500f70aece4ebd9b2d0957ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
x-guploader-uploadid: ABPtcPpzaaXFF39wwVMCwW6Zss5T_6bztfNQq5nkXr09CMGD0Huki6TW_c1MGAULgLXZW0cAj50
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 06 Feb 2024 20:30:34 GMT
server: cloudflare
etag: W/"0cf52c6d8bb832e0ad4372eba5e16f73"
vary: Accept-Encoding
x-goog-hash: crc32c=iCXUww==, md5=DPUsbYu4MuCtQ3LrpeFvcw==
x-goog-generation: 1705535253014585
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1503
cf-ray: 851d7ba41ee0914a-FRA
expires: Wed, 07 Feb 2024 21:51:47 GMT

GET
H2 200 LoginView.chunk.8ad39e9f25301f6b6e20.js Show response
static.truthfinder.com/ 18 KB
4 KB 67ms
66ms Script
application/javascript 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.truthfinder.com/LoginView.chunk.8ad39e9f25301f6b6e20.js

Requested by

Host: static.truthfinder.com
URL: https://static.truthfinder.com/app.18d4a43062dd7cd31f3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a67febd547ef0e07f44d348754ca0b8b04a796b926320ce22ace82cd2cc087f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
x-guploader-uploadid: ABPtcPqirrWTRsWnVcwkp_cGVEM4bcuOZWCeWgeQnxmZGsPW8ZOmV_9iV5e8bsLY8pJnsJQWgN5R2gJ8cg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 06 Feb 2024 20:30:35 GMT
server: cloudflare
etag: W/"9dfefef2da9fd9828cea68806f4450a3"
vary: Accept-Encoding
x-goog-hash: crc32c=NctB6g==, md5=nf7+8tqf2YKM6miAb0RQow==
x-goog-generation: 1706821036662130
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 17952
cf-ray: 851d7ba41ee2914a-FRA
expires: Wed, 07 Feb 2024 21:51:47 GMT

POST
H2 202 events Show response
api2.truthfinder.com/v1/ 20 B
301 B 401ms
400ms Fetch
application/json 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.truthfinder.com/v1/events

Requested by

Host: static.truthfinder.com
URL: https://static.truthfinder.com/app.18d4a43062dd7cd31f3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de74614db4864854832370eb37e19eebfe67718603681541551ba83eeca3658d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
app-id: tf-web
api-key: B7QbTIt3PtAID67cRtfQwrgzL0H3qU5buaxp17PoZ98
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.truthfinder.com
access-control-expose-headers: Location,Assisted-Search-Id,Assisted-Search-Created,Required-Item,Reason,Reason-Code,Purchased-Items,Retry-After,Warning
cache-control: no-store
access-control-allow-credentials: true
api-version: 1.38.22
cf-ray: 851d7ba5a9db914a-FRA
content-length: 20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
85 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5Z1GGC8S1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX5MS5P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d87a9d0a194fc877658a15fa8050c7fb9218ab733c3ca2afdde44e54b3afc1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 17:51:47 GMT

GET
H2

200

main.js Show response
www.truthfinder.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 7164
Redirect Chain

https://www.truthfinder.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.truthfinder.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
4 KB

36ms
35ms

Script
application/javascript

2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truthfinder.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b392912d7862a6bfdd5f3343f25bfce25528c644469a960d5470bcfce463d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 851d7ba46f74914a-FRA

Redirect headers

date: Wed, 07 Feb 2024 17:51:47 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
cf-ray: 851d7ba42ef1914a-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.truthfinder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:07:30 GMT
x-content-type-options: nosniff
age: 157457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 22:07:30 GMT

GET
H2 204 99782 Show response
vc.hotjar.io/sessions/ 0
258 B 119ms
44ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/99782?s=0.25&r=0.23465608705975027
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fd7a1c20a85f7a95e5ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:47 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 3Rq3Vx3MzMepfI5PV7t49kB3qsivef6OvGT63eOVNqoJsQD9rLVh8g==

POST
H2 200 851d7b9c4a15914a Show response
www.truthfinder.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7164 0
294 B 92ms
91ms XHR
text/plain 2606:4700::6812:6081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.truthfinder.com/cdn-cgi/challenge-platform/h/g/jsd/r/851d7b9c4a15914a

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6081 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
server: cloudflare
cf-ray: 851d7ba50896914a-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.truthfinder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:48:23 GMT
x-content-type-options: nosniff
age: 83005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:48:23 GMT

GET
H2 200 s.js Show response
cdn.siftscience.com/ 62 KB
21 KB 114ms
21ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.siftscience.com/s.js

Requested by

Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:30:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 170461
x-guploader-uploadid: ABPtcPpC3XdxLrN26Bm5ZSE7rCIwXhRcMt1aNKZLEYKgZC7NFY2EtvQiu952KcWIc1OlW-kpzeQ50AB-Nw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20500
last-modified: Tue, 28 Feb 2023 22:39:30 GMT
server: UploadServer
etag: "476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation: 1677623970358201
x-goog-hash: crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 20500
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 04 Feb 2025 18:30:47 GMT

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 1 KB
694 B 106ms
32ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: www.truthfinder.com
URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59a849c1b74b2a3f80fbea37eb3688b5b25d4f411478fb03c658fd7918816ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 44
etag: W/"7b70eda78202fe03eb4f5b959906b533"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 851d7ba61d723678-FRA

GET
H2 200 Rk2mcAA7.json Show response
cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/ 625 B
662 B 85ms
42ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/Rk2mcAA7.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7f181afb86b160623f8ac1fb717cf939424a6e0e3593c3ff53fac2ed4219fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 00:38:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61971
etag: W/"271-60e8ca77b9d66"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBvDZgw%2FRTocmMDdSg3llsNRggJYAtxB1DSIn66xay4drE9GJa8OPLTuDzz5gI1F0%2Fn69f14O9dtcnOTuKBwV9mYj9hfSn0gCVChF2fZAdZd4sLZm7NSj3T22HMYOOsgi3N0%2FquP40CghmTkFssf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 851d7ba5e8a192a5-FRA

GET
H2 200 ip Show response
directory.cookieyes.com/api/v1/ 112 B
266 B 161ms
42ms Fetch
text/html 52.213.96.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://directory.cookieyes.com/api/v1/ip
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/8eb70f079360c79e0b5c63c2/banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.96.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-96-109.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 3229a1b6a3a76de384c0ac374ba31c1ff2c8f41e48fcbe7c219c648d9fb0f30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 17:51:48 GMT
x-powered-by: Express
content-length: 112
etag: W/"70-i8EqZhuiT4YVQ0Babk30u+qNCGs"
content-type: text/html; charset=utf-8

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 56 KB
20 KB 90ms
43ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=80c5c8aaf178224b4d01975dcc58bead&cb=7fd6359
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9cb9f22987b39f4fe9d59a62b330ffce2a5a12d8121a68d6180db443a89736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
surrogate-keys: 80c5c8aaf178224b4d01975dcc58bead
cf-cache-status: HIT
server: cloudflare
age: 9473
etag: W/"1d590b267f0606d9d06a63c0ef62753b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600, s-maxage=21600
cf-ray: 851d7ba69d7771c5-FRA

GET
H2 200 664279.gif
hexagon-analytics.com/images/ 43 B
288 B 196ms
120ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/664279.gif?bk=939a6cf0fa&tm=14&r=167692341&v=106&cs=UTF-8&h=www.truthfinder.com&l=en-US&S=374084f5d72909ddf4e47bb8cbc77c58&uu=1ab59e41ffe14bd2b0232542854a863&t=TruthFinder%20-%20Login&u=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.139%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=12cbadb82d688a3efa72109e23f43cfa&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:48 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 33 KB
10 KB 88ms
44ms Script
text/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=80c5c8aaf178224b4d01975dcc58bead&lang=en&cb=7fd6359
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=80c5c8aaf178224b4d01975dcc58bead&cb=7fd6359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2080f202bbec3eea808787e32021f1b2a5e76f7ba120b3a9497043cc398a76

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
Origin: https://www.truthfinder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
surrogate-key: prod 80c5c8aaf178224b4d01975dcc58bead 7fd6359
last-modified: Wed, 07 Feb 2024 14:58:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 6029
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray: 851d7ba728fd6949-FRA

GET
H2 200 jquery.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
34 KB 45ms
45ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=80c5c8aaf178224b4d01975dcc58bead&cb=7fd6359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca74d1953cc1cce6dc1902e63a813edf5f5aea14cc2bafe3a897c213c103ebf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:20:31 GMT
server: cloudflare
age: 7112
etag: W/"65bbe0ef-17d97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba6fdf971c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 startup.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 429 KB
115 KB 62ms
62ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?h=80c5c8aaf178224b4d01975dcc58bead&cb=7fd6359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87018ca03b871f3486ba6cbd455c6137b3485bbfc1f92daf8b0e809c6dc60689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:20:31 GMT
server: cloudflare
age: 6975
etag: W/"65bbe0ef-6b24f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba6fdfc71c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 smartrems.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 135 KB
40 KB 39ms
38ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:20:31 GMT
server: cloudflare
age: 6763
etag: W/"65bbe0ef-21d4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8182071c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 tangoEngine.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 108 KB
35 KB 42ms
42ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3c6c01603d8fabd8b5e78ec5ea437f8828ac0842b478c4b923b0b46ace14fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:18:18 GMT
server: cloudflare
age: 7095
etag: W/"65bbe06a-1b0ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8182771c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame 4B5B 813 B
590 B 53ms
52ms Document
text/html 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=7fd6359
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 590750
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 851d7ba8b97771c5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 17:51:48 GMT
last-modified: Wed, 31 Jan 2024 21:45:12 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 0
61 B 577ms
192ms Ping
text/plain 52.35.146.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.146.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-146-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 17:51:49 GMT
content-length: 0

GET
H2 200 1856.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 372 B
292 B 42ms
41ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/1856.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c439891e9ca959c88a76af5bf4ffcf654f0e031d45d609046cf78d4a20900471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:20:31 GMT
server: cloudflare
age: 7095
etag: W/"65bbe0ef-174"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8c98271c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 3772.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 480 B
335 B 47ms
46ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/3772.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:20:31 GMT
server: cloudflare
age: 6974
etag: W/"65bbe0ef-1e0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8c98971c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 5121.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 382 B
310 B 38ms
38ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/5121.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:20:31 GMT
server: cloudflare
age: 6839
etag: W/"65bbe0ef-17e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8c98e71c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 874.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 193 B
224 B 41ms
40ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/874.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:20:31 GMT
server: cloudflare
age: 6887
etag: W/"65bbe0ef-c1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8c99071c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 launcher.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 80 KB
20 KB 53ms
53ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d79ddc99b846ab35655f33d242b810df4892f5af9d673a20094ad6c07e0cef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:18:18 GMT
server: cloudflare
age: 6975
etag: W/"65bbe06a-14156"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8c99371c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 compliance.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 125 KB
35 KB 49ms
48ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03ac298d02cc60e726fd2f2155648be356088c8d8b2fb359e4d38f8b28fd5b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:18:18 GMT
server: cloudflare
age: 7095
etag: W/"65bbe06a-1f216"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba8c99471c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
H2 200 audioeye-scanner.js Show response
wsv3cdn.audioeye.com/static-scripts/audioeye-scanner/v5.7.9/ 194 KB
49 KB 69ms
69ms Script
text/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wsv3cdn.audioeye.com/static-scripts/audioeye-scanner/v5.7.9/audioeye-scanner.js

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.7fd6359.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

237735d73475a1db6f173def925e0b9a067b4c872029ea2057d67da3902a84b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
access-control-request-method: GET
content-encoding: br
strict-transport-security: max-age=31536000
cf-cache-status: HIT
server: cloudflare
age: 746573
etag: W/"3ab274d09fa8c983d5f58b835a2c7333"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 851d7ba93a5a71c5-FRA

GET
H2 200 audioeye-scanner.js Show response
wsv3cdn.audioeye.com/static-scripts/audioeye-scanner/v7.1.3/ 211 KB
52 KB 72ms
72ms Script
text/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wsv3cdn.audioeye.com/static-scripts/audioeye-scanner/v7.1.3/audioeye-scanner.js

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.7fd6359.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c73f9a8e29b7b47505b0ffef1c52607ec993ce057bad278815d3d1679a7b4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
access-control-request-method: GET
content-encoding: br
strict-transport-security: max-age=31536000
cf-cache-status: HIT
server: cloudflare
age: 525146
etag: W/"64717fa018448822368e8e9ac249738f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 851d7ba93a5e71c5-FRA

GET
H2 200 6365.bundle.7fd6359.js Show response
wsv3cdn.audioeye.com/v2/build/ 1 KB
485 B 46ms
46ms Script
application/javascript 2606:4700::6812:1d9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/6365.bundle.7fd6359.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:51:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Feb 2024 18:18:18 GMT
server: cloudflare
age: 6173
etag: W/"65bbe06a-42e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 851d7ba93a6171c5-FRA
expires: Thu, 06 Feb 2025 17:51:48 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35

Request headers

Referer
Origin: https://www.truthfinder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H3 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.truthfinder.com/
Origin: https://www.truthfinder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:19:29 GMT
x-content-type-options: nosniff
age: 585139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2025 23:19:29 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1036046/log/3/ 0
250 B 98ms
27ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1036046/log/3/unip?en=pre_d_eng_tb&tos=1658&scd=0&ssd=1&est=1707328307701&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1707328309360&vi=1707328307699&ri=9911fbce70ec83cc76acc7511ff8281a&ref=null&cv=20240201-1-RELEASE&item-url=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1036046/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://www.truthfinder.com
pragma: no-cache
date: Wed, 07 Feb 2024 17:51:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 report
analytics.audioeye.com/v2/ Frame 0
0 569ms
189ms Preflight 52.35.146.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/v2/report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.146.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-146-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.truthfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Wed, 07 Feb 2024 17:51:50 GMT

POST
H2 200 report
analytics.audioeye.com/v2/ 0
0 380ms
380ms Fetch 52.35.146.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/v2/report
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.146.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-146-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 17:51:50 GMT
content-length: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
442 B 120ms
27ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 17:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.truthfinder.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 111ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H5Z1GGC8S1&gtm=45je4250v878433261z877142822za200&_p=1707328307379&_gaz=1&gcs=G111&gcd=13t3t3l3l5&npa=0&dma_cps=sypham&dma=1&gdid=dY2Q2ZW&cid=215500941.1707328307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707328307&sct=1&seg=0&dl=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&dt=TruthFinder%20-%20Login&en=generic_vpv&_fv=1&_ss=1&ep.use_amp_client_id=true&ep.gtm_tag_name=GA4%20Generic%20-%20VPV&up.device_id=&up.acquisition_type=%3AsingleReport&tfd=3942
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5Z1GGC8S1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.truthfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 27ms
26ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H5Z1GGC8S1&cid=215500941.1707328307&gtm=45je4250v878433261z877142822za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3l3l5&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5Z1GGC8S1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.truthfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H5Z1GGC8S1&cid=215500941.1707328307&gtm=45je4250v878433261z877142822za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3l3l5&npa=0&z=3507134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
371 B 84ms
26ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 17:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.truthfinder.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2062148624&t=pageview&_s=1&dl=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&ul=en-us&de=UTF-8&dt=TruthFinder%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAQCACAAI~&jid=1545170469&gjid=346093969&cid=215500941.1707328307&tid=UA-74882607-3&_gid=2124684253.1707328307&_r=1&_slc=1&gtm=45He4250n81NX5MS5Pv77142822za200&cg1=Product%20Dashboard&gcs=G111&gcd=13t3t3l3l5&dma_cps=sypham&dma=1&z=738909796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.truthfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2062148624&t=pageview&_s=1&dl=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&dp=%2Flogin&dh=www.truthfinder.com&ul=en-us&de=UTF-8&dt=TruthFinder%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAQCACAAI~&jid=&gjid=&cid=215500941.1707328307&tid=UA-74882607-3&_gid=2124684253.1707328307&gtm=45He4250n81NX5MS5Pv77142822za200&cg1=Product%20Dashboard&gcs=G111&gcd=13t3t3l3l5&dma_cps=sypham&dma=1&z=598187490

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 19:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82033
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-74882607-3&cid=215500941.1707328307&jid=1545170469&gjid=346093969&_gid=2124684253.1707328307&_u=aGDACEABBAQCACAAI~&z=1247143685

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Feb 2024 17:51:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.truthfinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 77ms
76ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74882607-3&cid=215500941.1707328307&jid=1545170469&_u=aGDACEABBAQCACAAI~&z=950705356

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74882607-3&cid=215500941.1707328307&jid=1545170469&_u=aGDACEABBAQCACAAI~&z=950705356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 report
analytics.audioeye.com/v2/ Frame 0
0 193ms
193ms Preflight 52.35.146.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/v2/report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.146.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-146-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.truthfinder.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Wed, 07 Feb 2024 17:51:51 GMT

POST
H2 200 report
analytics.audioeye.com/v2/ 0
0 191ms
191ms Fetch 52.35.146.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/v2/report
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/tangoEngine.bundle.7fd6359.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.146.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-146-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 17:51:51 GMT
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1036046/log/3/ 0
249 B 27ms
26ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1036046/log/3/unip?en=pre_d_eng_tb&tos=4660&scd=0&ssd=1&est=1707328307701&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1707328312361&vi=1707328307699&ri=9911fbce70ec83cc76acc7511ff8281a&ref=null&cv=20240201-1-RELEASE&item-url=https%3A%2F%2Fwww.truthfinder.com%2Flogin%3Futm_source%3Dtrans%26utm_medium%3Demail%26utm_campaign%3Drebill_d1&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1036046/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://www.truthfinder.com
pragma: no-cache
date: Wed, 07 Feb 2024 17:51:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.truthfinder.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: mdejgoh04077uto58d9ot8klvd
.truthfinder.com/	1969-12-31 23:59:59	Name: sessionId Value: 78b0aab5-e847-4367-9a9c-82f4b95113ae
.truthfinder.com/	1969-12-31 23:59:59	Name: sessionCreated Value: 2024-02-07T17%3A51%3A46%2B00%3A00
.truthfinder.com/	1970-01-21 03:01:04	Name: device-id Value: b6ff34ad-596d-469e-9308-ae7151b08e26
.truthfinder.com/	1970-01-20 18:15:30	Name: __cf_bm Value: jSDZtu9vTiYX2LmMb5WLu17c_ellXHLx_2YE8Auqka0-1707328307-1-Adn5iEBvEu35dlXWwId7wWmjvYfCWZVUWM9Yuxqtai1WCJtQo7ti6TvhSEbmqtJj6f/deV5I/CfM7Ks0hlN5sO5Dfy2/SYLvH2lwacXVe42x
.truthfinder.com/	1970-01-20 18:16:54	Name: _gid Value: GA1.2.2124684253.1707328307
.truthfinder.com/	1970-01-20 18:15:28	Name: _gat Value: 1
.truthfinder.com/	1970-01-20 20:25:04	Name: _gcl_au Value: 1.1.439291664.1707328308
.truthfinder.com/	1970-01-20 18:16:54	Name: _uetsid Value: 907123d0c5e111ee840dd91e2e49cce1
.truthfinder.com/	1970-01-21 03:37:04	Name: _uetvid Value: 907129b0c5e111ee91c419b71a24dcb5
.doubleclick.net/	1970-01-20 18:15:29	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 03:37:04	Name: MUID Value: 01EA88D5E89B68D5367B9CCBE9376965
.truthfinder.com/	1970-01-21 03:01:04	Name: _hjSessionUser_99782 Value: eyJpZCI6IjE1MmYxYzc5LWM3OTctNTE4OC05ZGVmLTYxYzJlMTdhZTgyYyIsImNyZWF0ZWQiOjE3MDczMjgzMDc4OTksImV4aXN0aW5nIjpmYWxzZX0=
.truthfinder.com/	1970-01-20 18:15:30	Name: _hjSession_99782 Value: eyJpZCI6ImYzYjU5NTk4LTk2MTUtNDNhYS05ZDYyLTlhN2Q1NDBlNzRjYiIsImMiOjE3MDczMjgzMDc4OTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
www.truthfinder.com/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
www.truthfinder.com/	1970-01-20 18:15:28	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1707328308094%7D
.truthfinder.com/	1970-01-21 03:01:04	Name: cf_clearance Value: f_SKz5KaBPzPBok26dF3j2TQ_Duo60sAm5FIiD03jd4-1707328308-1-AXWyAnKlU0MnFXtAMp5Oz1iaAHKmxi+J6AULdgqjVC/hC6ooTM9mNwste6g/cfYktjCz2BCv0lMPZDF38pytE9g=
.truthfinder.com/	1970-01-21 03:51:28	Name: __ssid Value: 1ab59e41ffe14bd2b0232542854a863
.truthfinder.com/	1970-01-21 03:01:04	Name: cookieyes-consent Value: consentid:djNsOU9NZXlCRWNYQ00ybkFGeExFTGxITTRQZzZrMVk,consent:yes,action:no,necessary:yes,advertisement:yes
www.truthfinder.com/	1970-01-21 03:01:04	Name: _aeaid Value: 55088e43-8086-4840-8b70-935d574b3016
www.truthfinder.com/	1970-01-21 03:51:28	Name: aelastsite Value: 2mPjkjwQZalezFb4w6jCCQh4HvZ2OUuIO1sZW%2FUICZH1jh24iu3Yf1G76C5X0Jxx
www.truthfinder.com/	1969-12-31 23:59:59	Name: aelreadersettings Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
wsv3cdn.audioeye.com/	1970-01-21 03:51:28	Name: aelastsite Value: 2mPjkjwQZalezFb4w6jCCQh4HvZ2OUuIO1sZW%2FUICZH1jh24iu3Yf1G76C5X0Jxx
wsv3cdn.audioeye.com/	1969-12-31 23:59:59	Name: aelreadersettings Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
www.truthfinder.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true
wsv3cdn.audioeye.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true
.truthfinder.com/	1970-01-21 03:51:28	Name: _ga_H5Z1GGC8S1 Value: GS1.1.1707328307.1.1.1707328307.60.0.0
.truthfinder.com/	1970-01-20 18:15:31	Name: AMP_TOKEN Value: %24NOT_FOUND
.truthfinder.com/	1970-01-21 03:51:28	Name: _ga Value: GA1.2.215500941.1707328307
.truthfinder.com/	1970-01-20 18:15:28	Name: _gat_UA-74882607-3 Value: 1

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.truthfinder.com/login?utm_source=trans&utm_medium=email&utm_campaign=rebill_d1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
amplify.outbrain.com
analytics.audioeye.com
api2.truthfinder.com
bat.bing.com
cdn-cookieyes.com
cdn.siftscience.com
cdn.taboola.com
directory.cookieyes.com
e.customeriomail.com
email.mg.truthfinder.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
log.cookieyes.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
static.truthfinder.com
stats.g.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
vc.hotjar.io
wave.outbrain.com
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.truthfinder.com
13.32.27.21
141.226.228.48
151.101.1.44
18.66.112.110
18.66.97.37
2001:4860:4802:34::36
23.213.165.149
2606:4700:20::ac43:44d6
2606:4700::6811:1ff8
2606:4700::6812:1d9b
2606:4700::6812:6081
2620:1ec:c11::200
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9b
34.102.232.42
34.110.180.34
34.96.67.224
35.227.225.220
52.213.96.109
52.35.146.114
70.42.32.223
03ac298d02cc60e726fd2f2155648be356088c8d8b2fb359e4d38f8b28fd5b0d
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
09cdac512af81a51aeae4dcc7d4adcca2d8874b3e43b81fb23073c07659ca680
0fc6c17f2311e65dd0c6666bf4aafa2c2da51aac9b7de733b019658dea4aa90d
109dd2c715577a0588491f5cad5d43ee9523ffe94f16fe74dbfa29f2d01c6226
120a29c90607e3621809457addfc82d1cce72abf483194a36af7978f70c83392
135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c
1c73f9a8e29b7b47505b0ffef1c52607ec993ce057bad278815d3d1679a7b4d2
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e68086b07bd9a58d95d52ea6e81b61913d54ed3c0985d4864d686d2ca4b25b2
20f86b062157fbf2af91b2a5013cb09570b608b2993b430e2b41ae0c34ed4d75
237735d73475a1db6f173def925e0b9a067b4c872029ea2057d67da3902a84b0
2c9cb9f22987b39f4fe9d59a62b330ffce2a5a12d8121a68d6180db443a89736
3229a1b6a3a76de384c0ac374ba31c1ff2c8f41e48fcbe7c219c648d9fb0f30d
3ce20796e26a2c1973a5135073a26a3f64c303c3c235eac8061f6b8175a4fc27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b7f181afb86b160623f8ac1fb717cf939424a6e0e3593c3ff53fac2ed4219fb
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6adbfba5f941fe9a542f2ecf0eb76e2a603ef02500f70aece4ebd9b2d0957ae6
6b392912d7862a6bfdd5f3343f25bfce25528c644469a960d5470bcfce463d1d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db9473433810ec1cb3117726b26aab3d002201382e526a11c5ef6b16aa514f1
75d79ddc99b846ab35655f33d242b810df4892f5af9d673a20094ad6c07e0cef
7b3c6c01603d8fabd8b5e78ec5ea437f8828ac0842b478c4b923b0b46ace14fb
7d6492a3b1665cc1a24c4ce9069553ac8773ece4b1a3c06961a081a5b7014932
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87018ca03b871f3486ba6cbd455c6137b3485bbfc1f92daf8b0e809c6dc60689
8b73bd7a720e57dd639fd9045cfb9c2983e87ff6dc83d790832a0435af7d7d48
903cf6b79d15c1159628f9edf09b933327c9a54efb41023641c09db4696ded7e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91aff0cdbd879b258060c7ccc35af0324d8946b06d002a124414ccb0ea9f9dc6
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b06d4caec36c7144a825172f664888fa55c5df391985c549e237be5ceebf370
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13948d267d26dd35406b5c6b1fe280c6cf29638ad4a08046d975d43dc8efce3
a67febd547ef0e07f44d348754ca0b8b04a796b926320ce22ace82cd2cc087f6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
be2080f202bbec3eea808787e32021f1b2a5e76f7ba120b3a9497043cc398a76
c439891e9ca959c88a76af5bf4ffcf654f0e031d45d609046cf78d4a20900471
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca74d1953cc1cce6dc1902e63a813edf5f5aea14cc2bafe3a897c213c103ebf5
d08ca522e8eb6a6a776784fe81d91d8aec8e7a2ba7fd76c6309f30a900105c35
d79401585d50c8e625f6abd3c443cdd31f1ec73cc7f7f570d3330dc706f433f7
d87a9d0a194fc877658a15fa8050c7fb9218ab733c3ca2afdde44e54b3afc1d9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de74614db4864854832370eb37e19eebfe67718603681541551ba83eeca3658d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59a849c1b74b2a3f80fbea37eb3688b5b25d4f411478fb03c658fd7918816ed
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ef1fc98e2723a3a8b84963802d429d4dc8218e458096b6c4ba2ea0b0506396
f7a3e3bc4958ecbc5cad7122e62d2d9658197eb70331e8c512ed0b8e4a7b18b9
f98ba81ee2004feeab06856d610987055f04bb37412030c3011f5f478a17b318
fd611e485659d744bbbf77375a0546a1b68c446e3cf9f5e6d641ab0ac42edcaa

www.truthfinder.com Open in urlscan Pro 2606:4700::6812:6081 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

55 %IPv6

19 Domains

34 Subdomains

28 IPs

5 Countries

2409 kBTransfer

9068 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.truthfinder.com Open in urlscan Pro
2606:4700::6812:6081 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

55 %
IPv6

19
Domains

34
Subdomains

28
IPs

5
Countries

2409 kB
Transfer

9068 kB
Size

30
Cookies

77 HTTP transactions
1 data transactions