www.tortdefenders.com Open in urlscan Pro
172.64.153.235 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Submission: On July 08 via api (July 8th 2024, 3:53:42 pm UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 20 domains to perform 78 HTTP transactions. The main IP is 172.64.153.235, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is www.tortdefenders.com.
TLS certificate: Issued by E6 on June 21st 2024. Valid for: 3 months.

This is the only time www.tortdefenders.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.64.153.235 172.64.153.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.227.219.25 13.227.219.25	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
6	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.245.46.112 18.245.46.112	16509 (AMAZON-02) (AMAZON-02)
5	3.160.213.29 3.160.213.29	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:209... 2600:9000:2090:a400:12:baaf:c600:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	34.232.138.67 34.232.138.67	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:255... 2600:9000:2553:5200:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	65.9.86.32 65.9.86.32	16509 (AMAZON-02) (AMAZON-02)
1	18.245.46.63 18.245.46.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
4	184.28.89.148 184.28.89.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	45.223.19.68 45.223.19.68	19551 (INCAPSULA) (INCAPSULA)
2	172.67.134.204 172.67.134.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.61.228 108.156.61.228	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	172.67.135.143 172.67.135.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
78	27

4 172.64.153.235 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.tortdefenders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.219.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-25.ams54.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.vour.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-112.fra56.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.160.213.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-213-29.mxp53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:a400:12:baaf:c600:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jscaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.232.138.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-138-67.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2553:5200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.86.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-32.ams1.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-63.fra56.r.cloudfront.net

js.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.28.89.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-148.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.223.19.68 (United States)

ASN19551 (INCAPSULA, US)

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.134.204 (United States)

ASN13335 (CLOUDFLARENET, US)

ipua.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.61.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-228.ams1.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.135.143 (United States)

ASN13335 (CLOUDFLARENET, US)

algenid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 4805 tr.outbrain.com — Cisco Umbrella Rank: 4632 wave.outbrain.com — Cisco Umbrella Rank: 4687	11 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 29315 cdn.trustedform.com — Cisco Umbrella Rank: 33928	44 KB
6	leadid.com create.leadid.com — Cisco Umbrella Rank: 18688	5 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	6 KB
6	cloudfront.net d9hhrg4mnvzow.cloudfront.net d2m2wsoho8qq12.cloudfront.net	204 KB
5	vour.io de.vour.io — Cisco Umbrella Rank: 265656	2 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1193 psb.taboola.com — Cisco Umbrella Rank: 9449 trc.taboola.com — Cisco Umbrella Rank: 1100 trc-events.taboola.com — Cisco Umbrella Rank: 3225	24 KB
5	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 35426	85 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	384 KB
4	tortdefenders.com www.tortdefenders.com	28 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	75 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102 region1.google-analytics.com — Cisco Umbrella Rank: 2949	21 KB
3	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 17499 js.callrail.com — Cisco Umbrella Rank: 20691	13 KB
2	algenid.com algenid.com — Cisco Umbrella Rank: 304647	898 B
2	ipua.io ipua.io — Cisco Umbrella Rank: 285014	1 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 37354	37 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 28826	39 KB
1	jscaddy.com cdn.jscaddy.com — Cisco Umbrella Rank: 183405	17 KB
1	rawgit.com rawgit.com — Cisco Umbrella Rank: 18087	19 KB
0	anura.io Failed script.anura.io Failed
78	20

	Domain	Requested by
6	create.leadid.com	create.lidstatic.com
6	www.facebook.com	www.tortdefenders.com
5	de.vour.io	cdn.jscaddy.com
5	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	d9hhrg4mnvzow.cloudfront.net	www.tortdefenders.com
4	www.googletagmanager.com	www.tortdefenders.com www.googletagmanager.com
4	www.tortdefenders.com	www.tortdefenders.com
3	tr.outbrain.com	amplify.outbrain.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	algenid.com	cdn.jscaddy.com
2	trc-events.taboola.com	cdn.taboola.com
2	ipua.io	cdn.jscaddy.com
2	wave.outbrain.com	amplify.outbrain.com
2	amplify.outbrain.com	www.googletagmanager.com amplify.outbrain.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.trustedform.com	www.tortdefenders.com api.trustedform.com
2	cdn.callrail.com	www.tortdefenders.com www.googletagmanager.com
2	builder-assets.unbounce.com	www.tortdefenders.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	js.callrail.com	cdn.callrail.com
1	create.lidstatic.com	www.tortdefenders.com
1	cdn.jscaddy.com	www.tortdefenders.com
1	rawgit.com	www.tortdefenders.com
0	script.anura.io Failed	www.tortdefenders.com
78	29

This site contains no links.

Subject Issuer	Validity	Valid
www.tortdefenders.com E6	`2024-06-21` - `2024-09-19`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
rawgit.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdn.jscaddy.com Amazon RSA 2048 M03	`2023-10-28` - `2024-11-25`	a year	crt.sh
lidstatic.com E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-04-24` - `2024-10-21`	6 months	crt.sh
ipua.io WE1	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh
vour.io E5	`2024-06-20` - `2024-09-18`	3 months	crt.sh
algenid.com WE1	`2024-06-15` - `2024-09-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Frame ID: 1568C88BEDFD70DB0186415EF3924BB7
Requests: 74 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=123B21C3-057C-D004-5FC1-35D14F52C71C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=1FF587B7-A1C0-E8EC-447A-6B39DA34F50E&lac=90154F17-A296-41BD-19C2-AAE16A918AC1
Frame ID: 20E524FA931DBC05D884B30480D91643
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

78
Requests

91 %
HTTPS

31 %
IPv6

20
Domains

29
Subdomains

27
IPs

3
Countries

1024 kB
Transfer

2544 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787 HTTP 301
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787

78 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tortdefenders.com/roundupclaim/ 56 KB
12 KB 749ms
283ms Document
text/html 172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d3c59b743b5d20712da8b7915043c4c0007493369acf2d10ee093b553014186

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8a013f72cf9844fe-TXL
content-encoding: gzip
content-length: 11585
content-location: https://www.tortdefenders.com/roundupclaim/
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 15:53:34 GMT
etag: "b:45b8996311d64f4b97b9c41967f85f11"
link: <https://www.tortdefenders.com/roundupclaim/>; rel="canonical"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-unbounce-pageid: 929aa0f9-4ebc-49b0-9dcd-841583597a4f
x-unbounce-variant: b
x-unbounce-visitorid: 45b89963-11d6-4f4b-97b9-c41967f85f11

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 148ms
40ms Stylesheet
text/css 13.227.219.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-css/main-7b78720.z.css

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-25.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:43:46 GMT
content-encoding: gzip
via: 1.1 51d16867ea09d1b4c52eca0e090ad4a2.cloudfront.net (CloudFront)
x-amz-version-id: GVFgUU1TNBfYZFxmy4v_rBGa7MxrBKpW
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 17413789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
referrer-policy: no-referrer
last-modified: Fri, 15 Dec 2023 17:54:33 GMT
server: AmazonS3
etag: "65d94e355664eb0c202cee7db35a61b5"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5nkEMPAe2M87PNfAtnz4U5UbO0HCXOpSKfjAgmTNKH5t8JP6bhZQYg==

GET
H2 200 e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js Show response
www.tortdefenders.com/_ub/static/ts/ 44 KB
15 KB 52ms
51ms Script
application/javascript 172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tortdefenders.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: br
via: 1.1 fd568a3da1f881f8511d482847a492ea.cloudfront.net (CloudFront)
x-amz-version-id: y0uC0xE0yu95rDa35ZEYf2K128n3gwGH
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MRS52-P3
age: 5242796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 08 May 2024 22:13:34 GMT
server: cloudflare
etag: W/"a7eeb377929f3b60727095f859013d59"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a013f749bea44fe-TXL
x-amz-cf-id: 7Be8N57YmLUh_VlyWq7YCs4qOk6c25w--yVy-Tm7hNfVahntr17pkQ==
expires: Tue, 08 Jul 2025 15:53:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
91 KB 216ms
71ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11471482936

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9c50f26a6353f62378cf47b44ec865cc0c0903c8887505d68ba831bb9e30f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92620
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jul 2024 15:53:34 GMT

GET
H3 200 progressbar.js Show response
rawgit.com/kimmobrunfeldt/progressbar.js/1.0.0/dist/ 71 KB
19 KB 138ms
77ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawgit.com/kimmobrunfeldt/progressbar.js/1.0.0/dist/progressbar.js

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d04e293cbb5bc943a3fa34eeedc2bd97cd7c05833aaf863a9c8687dd9302728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; preload
age: 58
alt-svc: h3=":443"; ma=86400
rawgit-cache-status: HIT
server: cloudflare
etag: W/"955abbdcf3eee4f0ce21943c429e6ef9cccca6ebfb580ece2ba49d0141b06616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czN5voS4uSkEeF%2BCayWpgqKXgDICTVKoYnmFtYZvk6BedNWWFgp1drYya0iYmbbKSyoQxqSsLgObj%2Bz0mlWT8%2BneRfeSgdlJTbISsuiS%2B1NjwqK3ZoXgWIp5RzRy"}],"group":"cf-nel","max_age":604800}
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
content-type: application/javascript;charset=utf-8
cache-control: max-age=3600, s-maxage=300
x-robots-tag: none
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
cf-ray: 8a013f74fdbd1e59-FRA

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/652899306/37bddd5c60547522bb59/12/ 39 KB
12 KB 248ms
143ms Script
text/javascript 18.245.46.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/652899306/37bddd5c60547522bb59/12/swap.js

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-112.fra56.r.cloudfront.net

Software

Resource Hash

6aa744f829693aeffc3af35316b870b9dd4d8e13179f1f58ca88a9cd56a23f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c5b802393a68d17f06973bb92695544a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 31f0f3de-d29e-469b-9fa8-447f4155f30d
x-runtime: 0.004520
referrer-policy: strict-origin-when-cross-origin
etag: W/"6aa744f829693aeffc3af35316b870b9"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: OC_R-uL4nuanhFsvG2xRRwotdgHwzZaqgH8LzsX8BZzeO_gxezozzA==

GET
H2 200 main.bundle-85a7477.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 64ms
54ms Script
application/javascript 13.227.219.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-25.ams54.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 06:21:57 GMT
content-encoding: gzip
via: 1.1 51d16867ea09d1b4c52eca0e090ad4a2.cloudfront.net (CloudFront)
x-amz-version-id: TsqXEulHpCIWQfLEsYTo7.zRFGF4af5e
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
age: 30965498
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33747
referrer-policy: no-referrer
last-modified: Mon, 10 Jul 2023 18:38:42 GMT
server: AmazonS3
etag: "6ce35e88e5299f623189adcaf266b9b3"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bhZnX8SZdrK0Xhyf3IvxO03xfvQw3HhssP7trYy1NwJ-zWFKBJEetw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
108 KB 226ms
83ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

560e0d0d14bab84e97e8e792ba1b8ad6b3503d4ec73512857bda891af4dd97ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110053
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jul 2024 15:53:34 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 23b98f37-bkg-roundup002_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/ 199 KB
200 KB 703ms
536ms Image
image/jpeg 3.160.213.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/23b98f37-bkg-roundup002_100000000000000000001o.jpg
Requested by: Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.213.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-213-29.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ad2e5d7d5ccf3ee47b9ac3250046aedaa8086750829e7233b744c515b3788a8

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
x-amz-version-id: pMim2qTQBDMxHm7ae2vrDtAvceFMv.Nv
via: 1.1 f0503dd1ece22a88692fda1dd995e2e0.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 17:58:41 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P3
etag: "8a4d9decf7ca4fb20128135281772aed"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 204097
x-amz-cf-id: lB-gMjo8sFOvBYReFWbWIOZgRLOLRGPuvYQEY02B9-CnFR-UwT0Fgg==

POST
H2 200 i
www.tortdefenders.com/_ub/ 2 B
240 B 447ms
432ms Ping
text/plain 172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tortdefenders.com/_ub/i

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

Referer: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tortdefenders.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 8a013f75feee44fe-TXL
content-length: 2

GET
H2 200 tn5p7d.js Show response
cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/ 49 KB
17 KB 820ms
669ms Script
application/javascript 2600:9000:2090:a400:12:baaf:c600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/tn5p7d.js
Requested by: Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:a400:12:baaf:c600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8386cb79c656ee7561d3bee8ff8190ac1d0dc5535ea48eecde47569c9a252420

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:36 GMT
content-encoding: br
via: 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 12:07:10 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
x-amz-server-side-encryption: AES256
etag: W/"13679d7af487b69fd6a958f78b9fb959"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: C0WvLn7KLOY6iG3vjVlFkpvtRRkaB_l-8V-iHaaWHwDtOkuPFdZRsQ==

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787

16 KB
6 KB

337ms
228ms

Script
application/javascript

2600:9000:2553:5200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787
Requested by: Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Protocol: H2
Server: 2600:9000:2553:5200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:36 GMT
x-amz-version-id: USH.kGm.LW1lWf1QLkIlyNzwTMcmWmXb
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 20:45:19 GMT
server: AmazonS3
via: 1.1 7b0b4bae410ad2d445fd1d40cc135f38.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P5
etag: W/"7714c59720fe363c09fbb7ada2282741"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: HHYyvDhzBvpCeBC2DnTtNQlVbJCWtf2wbeYUWFgD5_fC3npO0Sl7GA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787
date: Mon, 08 Jul 2024 15:53:34 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js Show response
create.lidstatic.com/campaign/ 121 KB
39 KB 685ms
583ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2
Requested by: Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e9df566f59517f4c2bab0e5365c61ec48a298dac02b5aefbde7cafe38d380e

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
x-amz-version-id: yB546MEoGxP_EfmM9_T8KcTWsusgtB9z
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: CV5DP3ACT0XDHT8G
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: bAYFfJo18WFBK0IMVeWb1B+fkVqatwmRWpiZ642+wuI3SDTwvdVu2LFPUBJtgzA5n013pnvu+zs=
last-modified: Thu, 18 Jan 2024 02:27:51 GMT
server: cloudflare
etag: W/"bc18efb44f13feefe5b2ea8207ad7fd9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 8a013f7748229ba4-FRA

GET
BLOB 200
OK bdb38d95-0a63-48df-a887-d072274a9e13
https://www.tortdefenders.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tortdefenders.com/bdb38d95-0a63-48df-a887-d072274a9e13
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5523
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 4 KB
1 KB 277ms
170ms Stylesheet
text/css 65.9.86.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:regular,900,700%7COswald:500

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-32.ams1.r.cloudfront.net

Software

Resource Hash

93fe09517a3b390258d8e8af35a67c33e1f458d85c2160c708759ce178542203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 59ed46b5-677c-44dd-926a-b0077431f292
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ama71EJ5oAMEtwA=
content-length: 630
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-668c0b7e-3a52744a1f2453747729ad42
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: m-6OCx7rWeftN_HZPMoJap9mP6hqd89GViGjF_HqNlz7B6tDPFSV8g==

GET
H2 200 1a88e3b0-tort-defenders-logo-horizontal-rgb.svg
d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/ 4 KB
2 KB 554ms
553ms Image
image/svg+xml 3.160.213.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/1a88e3b0-tort-defenders-logo-horizontal-rgb.svg
Requested by: Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.213.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-213-29.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96f311695befa92f76b0bd3f87649a6788fd619a54ffb07cef91d3532049e6a8

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
x-amz-version-id: cRbn0NuZNlO3vuKM.P8r_o5OUS7IP_lG
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 17:58:41 GMT
server: AmazonS3
via: 1.1 f0503dd1ece22a88692fda1dd995e2e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
etag: W/"d9f1b2c166ade665b87da0c40c0b6d40"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: BXoo8iRMHdbpRH8k3HbBZNmjw3lLWlMiubDfhal5boPU9hlKyup93Q==

GET
H2 200 6fff96ca-td-roundup-claims-header.svg
d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/ 5 KB
2 KB 544ms
544ms Image
image/svg+xml 3.160.213.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/6fff96ca-td-roundup-claims-header.svg
Requested by: Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.213.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-213-29.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15412a23fe90c2ece0466a937822799c3b7be5059534c57a3af07af007f266ea

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
x-amz-version-id: 7S_z2OwxBYQgYHvAPXCkOw06gIeBEUwi
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 17:58:41 GMT
server: AmazonS3
via: 1.1 f0503dd1ece22a88692fda1dd995e2e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
etag: W/"cb25f32e9d978f0e20296b6dfd8dcd21"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: _lozSk8bRoRdJx8sT7KwW3TXLmgjFcCfV_zqRPhz73A10sIs3yvYMg==

POST
H2 200 swap_session.json Show response
js.callrail.com/group/0/37bddd5c60547522bb59/12/ 134 B
814 B 320ms
214ms XHR
application/json 18.245.46.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.callrail.com/group/0/37bddd5c60547522bb59/12/swap_session.json

Requested by

Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/652899306/37bddd5c60547522bb59/12/swap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-63.fra56.r.cloudfront.net

Software

Resource Hash

a16c2bf1b21db196ddf564a979a6a1b8d9c2386427888f057a2c7185c85239de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
via: 1.1 129f13101f12370407d42127c62b1bd8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-length: 134
x-xss-protection: 1; mode=block
x-request-id: 752a9448-f9c8-45a9-ae84-ac61fb8bda80
x-runtime: 0.046288
referrer-policy: strict-origin-when-cross-origin
etag: W/"a16c2bf1b21db196ddf564a979a6a1b8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding, Origin
x-amz-cf-id: 8raj6Re4b3J8IX26ydPsKVlNkTyGBH7aPKNLwLbMWiH5AztYHK4nhw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
103 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YQDQ3BYEYD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb791f1e78261fe704941c630a8b79b6bbb5861d3226f32fd9b4e16e8933e5d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jul 2024 15:53:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 15:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 753
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 08 Jul 2024 17:41:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 122ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jul 2024 15:53:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5p+mqGFOGITq0pBKW40yYxJlbYOHRNm/ClbURmC+UhrQIeGaTZZ7LFIPg8t+x/2KsbwrIKo8lGPXWEJuH9w9tg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11002230586&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2a3d042ca61f7d2e5d4878282fa8a80ebf3699f9f1fd933d4a8fdb79a7d0f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84222
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jul 2024 15:53:34 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1499804/ 70 KB
22 KB 133ms
41ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1499804/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6f1048ea95c6f40a1d29aef31db5ff0945a21fece9801089965df0661be29be

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FR0E23kM4xUA9m9cEtNPJGejwLs3uc1k
content-encoding: gzip
via: 1.1 varnish
date: Mon, 08 Jul 2024 15:53:34 GMT
x-amz-request-id: DEKJ1GKJDENFQG3R
age: 17
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21717
x-amz-id-2: VV1SdHfj5f0DUfQv5SfkXeIKlsxn+VEvbEchhMAONs4RS4tkdjx5OcN/dHkSja3wjeQolIXGlxk=
x-served-by: cache-fra-etou8220079-FRA
last-modified: Sun, 07 Jul 2024 11:45:36 GMT
server: AmazonS3
x-timer: S1720454015.815579,VS0,VE1
etag: "a4c5ba86ac64fc9861597fe1340a1e80"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 216ms
42ms Script
application/x-javascript 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 08 Jul 2024 15:53:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 07:06:19 GMT
Server: AkamaiNetStorage
ETag: "f0a2b8e957b7536ea57179b045ad847a:1718955959.776503"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8611
Expires: Mon, 08 Jul 2024 16:13:34 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/652899306/37bddd5c60547522bb59/12/ 39 KB
0 0ms
0ms Script
text/javascript 18.245.46.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/652899306/37bddd5c60547522bb59/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFP4Q9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-112.fra56.r.cloudfront.net

Software

Resource Hash

6aa744f829693aeffc3af35316b870b9dd4d8e13179f1f58ca88a9cd56a23f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c5b802393a68d17f06973bb92695544a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 31f0f3de-d29e-469b-9fa8-447f4155f30d
x-runtime: 0.004520
referrer-policy: strict-origin-when-cross-origin
etag: W/"6aa744f829693aeffc3af35316b870b9"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: OC_R-uL4nuanhFsvG2xRRwotdgHwzZaqgH8LzsX8BZzeO_gxezozzA==

GET request.js
script.anura.io/ 0
0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
24 KB 131ms
52ms Font
font/woff2 65.9.86.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,900,700%7COswald:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-32.ams1.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.tortdefenders.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 29 May 2024 04:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 3495581
x-amzn-requestid: 5be7f9c6-a94e-4d25-9488-830443976713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: YhEzNF7IoAMEN9g=
content-length: 23578
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6656b4e1-353d1cea3fb712505887cd7c
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JLGaY_DLJMndZegKxLkjVBEGDJ7Z3YXh8impS5MSnDW53pv0w4Ku4Q==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 22 KB
23 KB 166ms
87ms Font
font/woff2 65.9.86.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,900,700%7COswald:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-32.ams1.r.cloudfront.net

Software

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.tortdefenders.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 22504
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 1266771
x-amzn-requestid: 356d9ab3-15fe-4b1c-bfe2-6dd3842d6c14
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Z2GOyE8WIAMEnYg=
content-length: 22518
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6678b72b-6a71e43304463ba00c2a42f0
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _DR1mjMexRzhDROqFKpY9Rag-fjVxaWbA49XsXEmmgSfTCYu0NygDA==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 155ms
76ms Font
font/woff2 65.9.86.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,900,700%7COswald:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-32.ams1.r.cloudfront.net

Software

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.tortdefenders.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 04:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23040
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 2286065
x-amzn-requestid: e4877e07-7bdd-4e47-ae63-2941ee9e6bb0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ZPNuKFJcoAMEh4A=
content-length: 23041
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6669298d-693732526709d0181dfd4961
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6V0H5mxuESmf5CVE8S1AG48StKDtgr2lALn0HMy8bPTCraL7bA53eg==

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.ub-assets.com/fonts/s/oswald/v53/ 13 KB
13 KB 169ms
91ms Font
font/woff2 65.9.86.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,900,700%7COswald:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-32.ams1.r.cloudfront.net

Software

Resource Hash

201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.tortdefenders.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 06:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 12808
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 24397026
x-amzn-requestid: 8407cc8e-dabd-46fb-9bec-b85f1f49bebb
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: MDv4dE_VoAMEObQ=
content-length: 12831
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6517c69c-11725917568009ea2aca4672
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: AaY1TDehbFFovUy2gsT0cki8SnPwWIs1om1rtkE6iLKF532YfHFvHg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 134ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YQDQ3BYEYD&gtm=45je4730v893957114z8893948949za200zb893948949&_p=1720454014314&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=287634613.1720454015&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720454014&sct=1&seg=0&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1469&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YQDQ3BYEYD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 15:53:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tortdefenders.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 48ms
47ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=702712514&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=166742771&gjid=1504916979&cid=287634613.1720454015&tid=UA-242103372-1&_gid=1459624489.1720454015&_r=1&_slc=1&gtm=45He4730n81TFFP4Q9v893948949za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=244257943

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 15:53:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tortdefenders.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
285 B 123ms
39ms Fetch
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1499804/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220067-FRA
date: Mon, 08 Jul 2024 15:53:35 GMT
via: 1.1 varnish
server: Varnish
observe-browsing-topics: ?1
x-timer: S1720454015.012214,VS0,VE0
x-cache: HIT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=2592000
accept-ranges: bytes
content-length: 65
retry-after: 0
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1499804/trc/3/ 3 KB
2 KB 70ms
58ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1499804/trc/3/json?tim=1720454014909&data=%7B%22id%22%3A271%2C%22ii%22%3A%22%2Froundupclaim%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1720454014902%2C%22cv%22%3A%2220240704-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtransportmarketing-roundup-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1720454014909%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1499804/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7eb5f605ef2d149854589d2d46ce7a7619a191ae4fe82a978e75ec0a8b41af46

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Mon, 08 Jul 2024 15:53:34 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.186
x-fastly-to-nlb-rtt: 7377
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220079-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1720454015.944487,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 5402059936550577 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 139ms
139ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5402059936550577?v=2.9.160&r=stable&domain=www.tortdefenders.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

884998d46d5a08de36acba4001994cdc18d948dbf922d9d1a044a5973a665927

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jul 2024 15:53:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=65, mss=1297, tbw=63817, tp=-1, tpl=-1, uplat=96, ullat=0
pragma: public
x-fb-debug: RLi6CnJnXezspEjN/yoOUagzmjSU5FcbJiSjywueikDaOCmHaw09Ykx0ZeXTcn3cqJB0qMH6JTgc82/REsBKXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
521 B 408ms
123ms Ping
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07010299567814475&referrer=&cht=gtm&marketerId=00511c119d1aa4e98b5cd81dc59d1c12bb%2C00e57c3c65a963a1e9bb934a3ebf37bfdf&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST
content-type: image/gif;
access-control-allow-origin: https://www.tortdefenders.com
cache-control: no-cache
access-control-allow-credentials: true
x-traceid: 5f1d1fa155a76179b424631eed794189
access-control-allow-headers: Content-Type, Authorization
content-length: 54

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
521 B 413ms
129ms Ping
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=04447434514753901&referrer=&marketerId=00511c119d1aa4e98b5cd81dc59d1c12bb%2C00e57c3c65a963a1e9bb934a3ebf37bfdf&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST
content-type: image/gif;
access-control-allow-origin: https://www.tortdefenders.com
cache-control: no-cache
access-control-allow-credentials: true
x-traceid: 22a2e546cb6af2c222e6b906316960ec
access-control-allow-headers: Content-Type, Authorization
content-length: 54

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 430ms
151ms Script
application/javascript 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00511c119d1aa4e98b5cd81dc59d1c12bb,00e57c3c65a963a1e9bb934a3ebf37bfdf

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: e80e73434643af8a9b332c073676c556
content-length: 39
content-type: application/javascript

GET
H/1.1 200
OK 00511c119d1aa4e98b5cd81dc59d1c12bb Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 553ms
467ms Script
text/html 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00511c119d1aa4e98b5cd81dc59d1c12bb

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-89-148.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 08 Jul 2024 15:53:35 GMT
ob-sent-time: 1720454015343
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
x-traceid: b8abfaa59e35131d7f58e00546834674
Content-Length: 22
Expires: Mon, 08 Jul 2024 15:54:35 GMT

GET
H/1.1 200
OK 00e57c3c65a963a1e9bb934a3ebf37bfdf Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 563ms
477ms Script
text/html 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00e57c3c65a963a1e9bb934a3ebf37bfdf

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-89-148.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 08 Jul 2024 15:53:35 GMT
ob-sent-time: 1720454015421
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
x-traceid: a7dbf5b66e8316c73f87c607834ddd5b
Content-Length: 22
Expires: Mon, 08 Jul 2024 15:54:35 GMT

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 122ms
40ms Fetch
text/html 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-148.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 08 Jul 2024 15:53:35 GMT
Observe-Browsing-Topics: ?1
Content-Type: text/html
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Content-Length: 26
Expires: Mon, 08 Jul 2024 16:13:35 GMT

GET
H3 200 1987395164960107 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 108ms
108ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1987395164960107?v=2.9.160&r=stable&domain=www.tortdefenders.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C187%2C186%2C188%2C193%2C194%2C195%2C191%2C183%2C123%2C152%2C182%2C184%2C114%2C146%2C136%2C140%2C177%2C120%2C219%2C107%2C220%2C154%2C111%2C127%2C115%2C143

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

fc978a9c1bfb4ba841137d2d18e679fb33c981d7ac0aa72084a3a72e84864feb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jul 2024 15:53:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=64, ullat=0
pragma: public
x-fb-debug: oPQAiP0Pfi1fpG8pP9xUzuUvH1SEkmc2Y+pI2E6YThlD2G6vAsWFc/VinmMLVtJBdoHeC+bV1Tez/rmDGA5+eQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 125ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5402059936550577&ev=PageView&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&rl=&if=false&ts=1720454015108&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720454015107.28118378175289982&ler=empty&cdl=API_unavailable&it=1720454014932&coo=false&tm=1&rqm=GET

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jul 2024 15:53:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 284ms
199ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=5402059936550577&ev=PageView&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&rl=&if=false&ts=1720454015108&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1720454015107.28118378175289982&ler=empty&cdl=API_unavailable&it=1720454014932&coo=false&tm=1&rqm=FGET

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3da516d821c399ce","source_keys":["1","2"]},{"key_piece":"0x9f578a8850c200d5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 08 Jul 2024 15:53:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389293729342920083", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=20, mss=1297, tbw=3474, tp=-1, tpl=-1, uplat=158, ullat=0
pragma: no-cache
x-fb-debug: 3nMwmmvIxRuvLpcs6s/kGF1aG1FOFtHcTMlZj0+7FK+rangZSJim9S8O920dzaX1noS+KocvqsaqUwjr7zQqNQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389293729342920083"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.12.1/ 36 B
982 B 527ms
405ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=b551dfff-548d-4321-bfff-6901a045c7f0&_=455253030

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

7bda413210a9503ccb5a3b486b638d2355c6ba7411f40b75f6fbd51992aee87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 12-49323339-49323365 NNNN CT(98 103 0) RT(1720454015071 46) q(0 0 2 12) r(3 3) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 41ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5402059936550577&ev=PageView&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&rl=&if=false&ts=1720454015222&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1720454015107.28118378175289982&ler=empty&cdl=API_unavailable&it=1720454014932&coo=false&rqm=GET

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3203, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jul 2024 15:53:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1018 B 198ms
196ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=5402059936550577&ev=PageView&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&rl=&if=false&ts=1720454015222&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1720454015107.28118378175289982&ler=empty&cdl=API_unavailable&it=1720454014932&coo=false&rqm=FGET

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3da516d821c399ce","source_keys":["1","2"]},{"key_piece":"0x9f578a8850c200d5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 08 Jul 2024 15:53:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389293728716026174", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=20, mss=1297, tbw=6672, tp=-1, tpl=-1, uplat=157, ullat=0
pragma: no-cache
x-fb-debug: ZhAscnTTE653Hu2g3FJllWbTOYbir3HHuaWOcwRdHHTmCHAQjnlHL/8T5KCDaP1Euo4Xlb7mzUTaXa+FKdyDrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389293728716026174"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 41ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1987395164960107&ev=PageView&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&rl=&if=false&ts=1720454015223&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720454015107.28118378175289982&ler=empty&cdl=API_unavailable&it=1720454014932&coo=false&rqm=GET

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3319, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jul 2024 15:53:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 202ms
201ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1987395164960107&ev=PageView&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&rl=&if=false&ts=1720454015223&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720454015107.28118378175289982&ler=empty&cdl=API_unavailable&it=1720454014932&coo=false&rqm=FGET

Requested by

Host: www.tortdefenders.com
URL: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x62dd1d2adcd28e52","source_keys":["1","2"]},{"key_piece":"0x3d5f067a6990a847","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 08 Jul 2024 15:53:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389293729049417817", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=20, mss=1297, tbw=7712, tp=-1, tpl=-1, uplat=162, ullat=0
pragma: no-cache
x-fb-debug: nVCad135w+O6MseLtW9biQR0jC6xICBL54itKdNV4ugbZvqM0JS4OxPT7t8d6z/EPNhnpygvQjThVv9BBZ2Vaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389293729049417817"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ip Show response
ipua.io/ 73 B
613 B 437ms
371ms Fetch
application/json 172.67.134.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipua.io/ip
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/tn5p7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ff1962d170e0e1558af84b29bc6843df6d41061842389e1978909b9ed3003c

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YE6DkX%2FQKAIpSW27LpSsGQiCbqbdmPPT7yUnM%2BYE2G3nJ88%2FunAXrFz%2BxjJaJDeghWgVYu%2FbJfeUbZQrlzyt0Ij7TMiN8a17m8I95FYzDKVgchEt2Bd6s3vp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.tortdefenders.com
access-control-allow-credentials: true
cf-ray: 8a013f7c4af89128-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
687 B 359ms
123ms XHR
application/json 34.232.138.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.138.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-138-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ead40ced25fc0e11a2c6f0199a7a99ece80c1a3609ba6d01aeea50fe880896da

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 404 favicon.ico
www.tortdefenders.com/ 47 B
136 B 41ms
41ms Other
text/html 172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tortdefenders.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tortdefenders.com/roundupclaim/?ef_transaction_id=6a012d846dac4de981accdc4589c35f7&lp_subid1=43
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/html
cf-ray: 8a013f7d0f5144fe-TXL
content-length: 47

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 20E5 0
0 146ms
44ms Document
text/html 108.156.61.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=123B21C3-057C-D004-5FC1-35D14F52C71C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=1FF587B7-A1C0-E8EC-447A-6B39DA34F50E&lac=90154F17-A296-41BD-19C2-AAE16A918AC1

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.61.228 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-61-228.ams1.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Age: 41230
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 08 Jul 2024 04:27:03 GMT
Etag: W/"65a0715c-dbb"
Last-Modified: Thu, 11 Jan 2024 22:53:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 b3ca057e9cdd89c43806ec06db3b4046.cloudfront.net (CloudFront)
X-Amz-Cf-Id: oPVysh2oY8lW84qEyjOziu20MyjFgSmDgeXQzTzdL_t32w0IKeS4QQ==
X-Amz-Cf-Pop: AMS1-P2
X-Cache: Hit from cloudfront
X-Cdn: Imperva
X-Iinfo: 12-17605595-17605598 NNNN CT(94 96 0) RT(1720239977562 5) q(0 0 2 0) r(3 3) U24

POST
H2 200 SaveDom Show response
create.leadid.com/2.12.1/ 0
731 B 333ms
329ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=b551dfff-548d-4321-bfff-6901a045c7f0&token=123B21C3-057C-D004-5FC1-35D14F52C71C&_=455253031

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 12-49323339-49323469 NNNN CT(94 95 0) RT(1720454015071 467) q(0 0 2 1) r(3 3) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
722 B 241ms
237ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=b551dfff-548d-4321-bfff-6901a045c7f0&token=123B21C3-057C-D004-5FC1-35D14F52C71C&_=455253032

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 12-49323339-49323365 PNNN RT(1720454015071 480) q(0 0 0 0) r(2 2) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ua Show response
ipua.io/ 179 B
565 B 217ms
217ms Fetch
application/json 172.67.134.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipua.io/ua
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/tn5p7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cbaba7e6421796c54254ab81aa837b8ddedc4f0d869a9279b0ddc8a3cc8c91

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HATvuzzBU7xtnjkRJfAHUHQXzpODtHmOH%2BY5QjoUirCtxWsGAQ6smybG85Zry01cC4BYeTRTZEA5I9oaZ14Fm6N5GfprjEdWUJlGHNWrtWVYITrGJ%2FHknpqz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.tortdefenders.com
access-control-allow-credentials: true
cf-ray: 8a013f7ead889128-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 trustedform-1.9.17.js Show response
cdn.trustedform.com/ 94 KB
36 KB 134ms
134ms Script
application/javascript 2600:9000:2553:5200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&ping_field=xxTrustedFormPingUrl&l=17204540144790.6977681559782787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2553:5200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: yPCS4iNdfsh5BqX6qtsN5d5eM3wY99Uk
content-encoding: gzip
via: 1.1 7b0b4bae410ad2d445fd1d40cc135f38.cloudfront.net (CloudFront)
date: Mon, 08 Jul 2024 15:53:36 GMT
last-modified: Thu, 06 Jun 2024 20:45:19 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P5
etag: W/"8bed3069af20b4729a119828224df24b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: GWllXkNoSYyf7vMbq7bD64OntrVJdVLBxyft11QceUTe5ZJKS5KnIw==

OPTIONS
H3 200 a
de.vour.io/ Frame 0
0 491ms
406ms Preflight
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.tortdefenders.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-origin: https://www.tortdefenders.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a013f8098d25d9c-FRA
content-length: 0
content-type: text/plain
date: Mon, 08 Jul 2024 15:53:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NVPRJTbMY1BzwcDB2%2F4yqEUcWnv9c23RDR9fa9Vy1c9JHZWB%2BrAuoTTGPLYDxgbps2OhtaubkRTwg7VGPGPlOq749aeC70ZnL7CcYz2qLcDomD1iqxSsejdEaOe%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-ip-country: DE

POST
H3 200 a Show response
de.vour.io/ 111 B
604 B 285ms
239ms Fetch
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/a
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/tn5p7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71efb94f7ee3ac4e57c3bede3b9df2b312b7e89481af4ff309181f19a2c7b2c2

Request headers

Referer: https://www.tortdefenders.com/
Authorization: Basic YWZjOTEyM2EtYzMxZi00MTZjLTg3NDMtYTZlZGI0YTExYWE0OnU5UGl1YnhYVkNNWjhHUnBnM1R5NlpIWFFPdVQ4ZG5z
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 15:53:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fam5pusDoh%2F1PywVYiHys634Ecy0hATpmUDw3LT0iyKmV5rU1fsS%2FTwNoXN7HSRtgVv2rK6dgwrmE9y2M%2FFjMSpXcztFglOAhb7QxXqglG5rguU4fWDr6VKrQRz7"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.tortdefenders.com
x-ip-country: DE
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8a013f836d278ecb-FRA
access-control-allow-headers: authorization
alt-svc: h3=":443"; ma=86400

POST
H2 204 snapshot Show response
api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/ 0
160 B 239ms
235ms XHR
text/plain 34.232.138.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.138.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-138-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 15:53:36 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/ 0
160 B 701ms
693ms XHR
text/plain 34.232.138.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.138.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-138-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 15:53:36 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 1a88e3b0-tort-defenders-logo-horizontal-rgb.svg
d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/ 4 KB
0 1ms
1ms Image
image/svg+xml 3.160.213.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/1a88e3b0-tort-defenders-logo-horizontal-rgb.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.213.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-213-29.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96f311695befa92f76b0bd3f87649a6788fd619a54ffb07cef91d3532049e6a8

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
x-amz-version-id: cRbn0NuZNlO3vuKM.P8r_o5OUS7IP_lG
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 17:58:41 GMT
server: AmazonS3
via: 1.1 f0503dd1ece22a88692fda1dd995e2e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
etag: W/"d9f1b2c166ade665b87da0c40c0b6d40"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: BXoo8iRMHdbpRH8k3HbBZNmjw3lLWlMiubDfhal5boPU9hlKyup93Q==

GET
H2 200 6fff96ca-td-roundup-claims-header.svg
d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/ 5 KB
0 1ms
1ms Image
image/svg+xml 3.160.213.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/www.tortdefenders.com/roundupclaim/6fff96ca-td-roundup-claims-header.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.213.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-213-29.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15412a23fe90c2ece0466a937822799c3b7be5059534c57a3af07af007f266ea

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 15:53:35 GMT
x-amz-version-id: 7S_z2OwxBYQgYHvAPXCkOw06gIeBEUwi
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 17:58:41 GMT
server: AmazonS3
via: 1.1 f0503dd1ece22a88692fda1dd995e2e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
etag: W/"cb25f32e9d978f0e20296b6dfd8dcd21"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
x-amz-cf-id: _lozSk8bRoRdJx8sT7KwW3TXLmgjFcCfV_zqRPhz73A10sIs3yvYMg==

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 InitFormData Show response
create.leadid.com/2.12.1/ 0
756 B 359ms
357ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/InitFormData?msn=4&pid=b551dfff-548d-4321-bfff-6901a045c7f0&token=123B21C3-057C-D004-5FC1-35D14F52C71C&_=455253033

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 15:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 12-49323339-49323528 NNNN CT(94 95 0) RT(1720454015071 877) q(0 0 2 0) r(3 3) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
731 B 626ms
540ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=5&pid=b551dfff-548d-4321-bfff-6901a045c7f0&token=123B21C3-057C-D004-5FC1-35D14F52C71C&_=455253034

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 15:53:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 12-49323339-49323557 NNNY CT(96 97 0) RT(1720454015071 1151) q(0 0 0 2) r(0 5) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1499804/log/3/ 0
252 B 137ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1499804/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1720454014904&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720454016464&vi=1720454014902&ri=e67f02d1af3f7f7c5e2dd193ddbed6d6&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1499804/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tortdefenders.com/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.tortdefenders.com
pragma: no-cache
date: Mon, 08 Jul 2024 15:53:36 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1499804/log/3/ Frame 0
0 179ms
56ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1499804/log/3/unip?en=pre_d_eng_tb&tos=1556&scd=0&ssd=1&est=1720454014904&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720454016464&vi=1720454014902&ri=e67f02d1af3f7f7c5e2dd193ddbed6d6&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.tortdefenders.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.tortdefenders.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 08 Jul 2024 15:53:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H3 200 token Show response
algenid.com/ 192 B
898 B 397ms
344ms Fetch
application/json 172.67.135.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algenid.com/token
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/tn5p7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1427cd47b5dddbe1f581f74f78836c4dca5d91b842c399025756283a181302ee

Request headers

Referer: https://www.tortdefenders.com/
Authorization: Bearer UV07RJGvBN85hgljlVePspqkRV8d3Vu9HtQnWUNCTK4n-7_aGCDNslaoxbXUyukTywOFIhBaqckLeVESYLWQVbkDi4wRSHfOfLbWDr6qS3mNj3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 15:53:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyC%2Bw5ELbUetOnojiv4Tk1MMtLbTf6pDPJCFHrQsqdGlF64E8wVGzg0HRiX57quDvIz5i%2Fru8jMZf8TPUplfCRgts8m580fnfuMdqYBcfxmrOCpRB42qrDdeRQzBzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-ip-country: DE
access-control-allow-origin: https://www.tortdefenders.com
access-control-allow-credentials: true
cf-ray: 8a013f880d0c3686-FRA
access-control-allow-headers: authorization
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H3 200 token
algenid.com/ Frame 0
0 432ms
367ms Preflight
text/plain 172.67.135.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://algenid.com/token
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.135.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.tortdefenders.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-origin: https://www.tortdefenders.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a013f855c909f27-FRA
content-length: 0
content-type: text/plain
date: Mon, 08 Jul 2024 15:53:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQtVFMIH5Jp%2FMaGdGhFmefhonW8Ka25Ia9KkWgmTjkKqEp7PHlADvJx4M4gX38DSPXe3nY5aeQmhKIwYdBMazV%2B3whroqGRQuRE%2Fi%2Bp%2FtLGr8IHBQTZDEeQUgmQRjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-ip-country: DE

POST
H2 204 events Show response
api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/ 0
160 B 119ms
119ms XHR
text/plain 34.232.138.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.138.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-138-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 08 Jul 2024 15:53:36 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.12.1/ 0
745 B 324ms
314ms XHR
text/plain 45.223.19.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/Snap?msn=6&pid=b551dfff-548d-4321-bfff-6901a045c7f0&token=123B21C3-057C-D004-5FC1-35D14F52C71C&_=455253035

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/1ff587b7-a1c0-e8ec-447a-6b39da34f50e.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.19.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.tortdefenders.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jul 2024 15:53:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
x-cdn: Imperva
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
x-iinfo: 12-49323339-49323365 PNNN RT(1720454015071 1665) q(0 0 0 1) r(2 2) U24
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 200 a Show response
de.vour.io/ 478 B
1 KB 240ms
239ms Fetch
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/a
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/tn5p7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5acca0418b6022b77128c4d32f183e11adacffa74f0da0965ece8f33692c2f6

Request headers

Referer: https://www.tortdefenders.com/
Authorization: Bearer LB48jNByZnWrvB-Le9mSXuMymE6rBpEmGEWz86MZhWv284jz0LKGE4h-Ir_llN1-h3H45oRUb71KAh4MecHtmPW_Wc0Q3p2QE4ekAy90GRdctZHPomWGIGre-H1bmJt3CJFlp80
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jul 2024 15:53:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ip-country: DE
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5dFbwJo2SKZZQ%2BC4p%2FdGT5R2oqOn7Ph%2BS6%2F0g694eyEKt5zTseQ8Q6AUM3re8HGde4jBvAT5Lk943y1V7QnDHaXnk9wMx4moXUZkhA%2F1ZNPFCipdr31Dsqmzc4fH"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.tortdefenders.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8a013f8a2ff48ecb-FRA
access-control-allow-headers: authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H3 200 i
de.vour.io/ Frame 0
0 395ms
395ms Preflight
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/i
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.tortdefenders.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-origin: https://www.tortdefenders.com
access-control-expose-headers: x-ip-country
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a013f8bcc085d9c-FRA
content-length: 0
content-type: text/plain
date: Mon, 08 Jul 2024 15:53:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4po9J0FIxqKiekScme7SpBaobQK1beADBVXGz4jOYK%2BSu3%2FQgjZGaKE2CMoQytOxWXpVY7jiucnc7kEeMWYY78haW%2Bu3gZmyd2QYY05ZXqmYrjWFs1za4AG8as5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-ip-country: DE

POST
H3 200 i Show response
de.vour.io/ 16 B
492 B 226ms
224ms XHR
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.vour.io/i
Requested by: Host: cdn.jscaddy.com
URL: https://cdn.jscaddy.com/js/v1/u9PiubxXVCMZ8GRpg3Ty6ZHXQOuT8dns/tn5p7d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.tortdefenders.com/
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI1Njg0OThhYy1iNWYwLTQ1OTktYTgzYi1jZTc5YzU1YjQ3YmQiLCJpYXQiOjE3MjA0NTQwMTYsInR5cCI6InIifQ.L_g1cHgB1aL_DfbTRTqX2vO4Z_3nWaZVajOPU-EB-nJnb6vrmBMeTDDSK_9R6sHp2gQIqMLO8DoxDmtPyMhDE7FjmO5B5BUveUP_Ue0KuSr8SDABjnbxSThXHwFh9ve01i_dH9bzwszK9f7PnZr7oEbcj0xF32RY7mX2jzHLY-0sOtB-OuJ0LeZa2XvpZS33jOfsPxZkuI4OyZwvkyiLX65rG6cL9R4iULS0V3GWp8fLaV_Dx5b4cIXSrsM-HSB21TyZuelaxoHSFajRYtEalrPlVDMjB5HQlPNl8-mGPAKpmJsHZZ1YDvXA3wmHgSfUNCaO7yCpRBCP0o6u1mz7HQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 08 Jul 2024 15:53:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ip-country: DE
alt-svc: h3=":443"; ma=86400
content-length: 16
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTeKaItmbbaa70%2FTKTN55z9uBd9tOO%2Fxp4Cu6C4GruZgi5kZNxcPTvF44Dhy7dxMvbd9Eaub3y0Kuz3ED7zBBEh311EkoWzZNSm029aIUeHWqeZF879ALHjK8tJv"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.tortdefenders.com
access-control-expose-headers: x-ip-country
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8a013f8e4ec98ecb-FRA
access-control-allow-headers: authorization

GET unip
trc-events.taboola.com/1499804/log/3/ 0
0

OPTIONS unip
trc-events.taboola.com/1499804/log/3/ Frame 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST events
api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: script.anura.io
URL: https://script.anura.io/request.js?instance=2632692976&source=43&additional=%7B%221%22%3A%226a012d846dac4de981accdc4589c35f7%22%7D&callback=anuraResponseHandler&665759178198

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/1499804/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1720454014904&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720454019465&vi=1720454014902&ri=e67f02d1af3f7f7c5e2dd193ddbed6d6&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/1499804/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=0&ssd=1&est=1720454014904&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720454019465&vi=1720454014902&ri=e67f02d1af3f7f7c5e2dd193ddbed6d6&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YQDQ3BYEYD&gtm=45je4730v893957114za200zb893948949&_p=1720454014314&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=287634613.1720454015&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720454014&sct=1&seg=0&dl=https%3A%2F%2Fwww.tortdefenders.com%2Froundupclaim%2F%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43&dt=&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6481&_z=fetch

Domain: api.trustedform.com
URL: https://api.trustedform.com/certs/ae679927aa7ec9e294d06f87d53741fd6d59cc7d/events

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tortdefenders.com/roundupclaim/	1970-01-21 02:19:11	Name: ubpv Value: b%2C929aa0f9-4ebc-49b0-9dcd-841583597a4f
www.tortdefenders.com/	1970-01-21 02:13:26	Name: ubvs Value: 45b89963-11d6-4f4b-97b9-c41967f85f11
.tortdefenders.com/	1970-01-20 21:58:33	Name: ubvt Value: v2%7C45b89963-11d6-4f4b-97b9-c41967f85f11%7C929aa0f9-4ebc-49b0-9dcd-841583597a4f%3Ab%3Aweighted%3Aweighted
.www.tortdefenders.com/	1970-01-20 21:54:15	Name: __cf_bm Value: 6gWsLuFk3Ea.gIiytReWtEarBnE4Sq3FlqApUQU22Gg-1720454014-1.0.1.1-_2GfyZmNZWcL2hPf6GY0fICE8PaJ9uZ8F8AsQ7vn87maaKXJgKrKu3KKedmqCM2VtALzKDZj04H2Bv28bPl.aw
.tortdefenders.com/	1970-01-21 06:39:50	Name: calltrk_referrer Value: direct
.tortdefenders.com/	1970-01-21 06:39:50	Name: calltrk_landing Value: https%3A//www.tortdefenders.com/roundupclaim/%3Fef_transaction_id%3D6a012d846dac4de981accdc4589c35f7%26lp_subid1%3D43
.tortdefenders.com/	1970-01-21 06:39:50	Name: calltrk_session_id Value: fb8369d7-f9d4-4bdf-8e47-c65aa621ce9d
.tortdefenders.com/	1970-01-21 00:03:50	Name: _gcl_au Value: 1.1.1585692412.1720454015
.tortdefenders.com/	1970-01-21 07:30:14	Name: _ga_YQDQ3BYEYD Value: GS1.1.1720454014.1.0.1720454014.0.0.0
.tortdefenders.com/	1970-01-21 07:30:14	Name: _ga Value: GA1.2.287634613.1720454015
.tortdefenders.com/	1970-01-20 21:55:40	Name: _gid Value: GA1.2.1459624489.1720454015
.tortdefenders.com/	1970-01-20 21:54:14	Name: _gat_UA-242103372-1 Value: 1
.tortdefenders.com/	1970-01-21 00:03:50	Name: _fbp Value: fb.1.1720454015107.28118378175289982
www.tortdefenders.com/	1970-01-20 21:54:14	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1720454015372%7D
www.tortdefenders.com/	1970-01-20 21:54:14	Name: leadid_token-90154F17-A296-41BD-19C2-AAE16A918AC1-1FF587B7-A1C0-E8EC-447A-6B39DA34F50E Value: 123B21C3-057C-D004-5FC1-35D14F52C71C
ipua.io/	1969-12-31 23:59:59	Name: JSESSIONID Value: cZDgMYXrPcSe2NmkEjPEbmUG8GLrhEVo
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: 1eEVJg3zrVVJLAW2C30iGwAAAAAeUOAG+YMlaoPtgwP//rIW
.trueleadid.com/	1970-01-21 06:38:49	Name: visid_incap_3051494 Value: 9OYsr6fdRtOrMpg/XVcL+n8LjGYAAAAAQUIPAAAAAADpLZF5ZEjAkTRsqatpf+H1
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_877_3051494 Value: BRLuf97OoEO/WGYr37orDH8LjGYAAAAASnd2jJAL0wo4BrMygemSwg==
.deviceid.trueleadid.com/	1970-01-21 07:30:14	Name: uuid Value: ce81b871d76e401eb767f2f9c7bc38f8
.leadid.com/	1970-01-21 06:38:49	Name: visid_incap_3079785 Value: BoehJSpNT+eXbPFWP+M+C4ALjGYAAAAAQUIPAAAAAAB1vhEG2WnDIUxnpnxAuwQ2
.leadid.com/	1969-12-31 23:59:59	Name: nlbi_3079785 Value: 3xPwX5Ass1BIRs9yoCxIyQAAAABTqnQUioG7W0AkPVm/l7aU
.leadid.com/	1969-12-31 23:59:59	Name: incap_ses_877_3079785 Value: I25YGgDZ/T0pWWYr37orDIALjGYAAAAAsn9/32RJyTYcVJPOUjQXfQ==
.algenid.com/	1970-01-21 06:39:50	Name: t1 Value: 8caa7a849bb304cd675eb3b9bbae9dc866269aeef22beaea9f094a294e75c599042463b7b35176d8dd244154a85a56f9b859e7391bffe5fcd6cc0d9148c033408f79cf33d473ef107b243c40455fdf
.vour.io/	1970-01-21 06:39:50	Name: 624_jwt Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI1Njg0OThhYy1iNWYwLTQ1OTktYTgzYi1jZTc5YzU1YjQ3YmQiLCJpYXQiOjE3MjA0NTQwMTZ9.R1l112IqsRJ1SUc3BB_BPBlAVLVZbCNv_gD-zKdBoX5cZNvhgfInVm42nF2UED15ni8tduuDX4JMQOstp2LaY7s79Ftxevo7fK1UW0TeuFGIiPMJ2ETHRZzYwcbXpemNqouJzw3_0btaC-c-YAYJFzSHHPFzRAlV9Dc_krBBQTPUvyyb1su9fqhACFvJf6cCKtL8TC9IvD88MTqFP5siTqBWFXMM7EI4WHmJV1JKPKqu2Qdr9c5JWbKA9zeQs52zIiugFf7MAbQCClCMjOKSJHUQTku3E-2ZARs0PnUZVfKIfR6qjWKpL0rJUwFWpXcG5lRGndqGl_HfGd0pgiSD6Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tortdefenders.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

algenid.com
amplify.outbrain.com
api.trustedform.com
builder-assets.unbounce.com
cdn.callrail.com
cdn.jscaddy.com
cdn.taboola.com
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
de.vour.io
fonts.ub-assets.com
ipua.io
js.callrail.com
psb.taboola.com
rawgit.com
region1.google-analytics.com
script.anura.io
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tortdefenders.com
api.trustedform.com
region1.google-analytics.com
script.anura.io
trc-events.taboola.com
108.156.61.228
13.227.219.25
141.226.228.48
151.101.129.44
151.101.65.44
157.240.0.6
172.64.153.235
172.67.134.204
172.67.135.143
18.245.46.112
18.245.46.63
184.28.89.148
188.114.97.3
2001:4860:4802:32::36
2600:9000:2090:a400:12:baaf:c600:93a1
2600:9000:2553:5200:1c:7f1a:6680:93a1
2606:4700:10::ac43:29e5
2a00:1450:4001:80e::2008
2a00:1450:4001:82f::200e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.160.213.29
34.232.138.67
45.223.19.68
65.9.86.32
70.42.32.223
06ff1962d170e0e1558af84b29bc6843df6d41061842389e1978909b9ed3003c
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
1427cd47b5dddbe1f581f74f78836c4dca5d91b842c399025756283a181302ee
15412a23fe90c2ece0466a937822799c3b7be5059534c57a3af07af007f266ea
195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1f3261b41b272b75587ac413fafb9b6ffd836858578557f32bea87b143dd0169
201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
560e0d0d14bab84e97e8e792ba1b8ad6b3503d4ec73512857bda891af4dd97ca
5bd89bfca3ca1cb53de9cf357ddc8e0e2041837783db4d49995cfb5ddd4acbc9
5d3c59b743b5d20712da8b7915043c4c0007493369acf2d10ee093b553014186
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6aa744f829693aeffc3af35316b870b9dd4d8e13179f1f58ca88a9cd56a23f28
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
6d04e293cbb5bc943a3fa34eeedc2bd97cd7c05833aaf863a9c8687dd9302728
71efb94f7ee3ac4e57c3bede3b9df2b312b7e89481af4ff309181f19a2c7b2c2
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7bda413210a9503ccb5a3b486b638d2355c6ba7411f40b75f6fbd51992aee87b
7eb5f605ef2d149854589d2d46ce7a7619a191ae4fe82a978e75ec0a8b41af46
8386cb79c656ee7561d3bee8ff8190ac1d0dc5535ea48eecde47569c9a252420
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
884998d46d5a08de36acba4001994cdc18d948dbf922d9d1a044a5973a665927
8ad2e5d7d5ccf3ee47b9ac3250046aedaa8086750829e7233b744c515b3788a8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93fe09517a3b390258d8e8af35a67c33e1f458d85c2160c708759ce178542203
96f311695befa92f76b0bd3f87649a6788fd619a54ffb07cef91d3532049e6a8
a16c2bf1b21db196ddf564a979a6a1b8d9c2386427888f057a2c7185c85239de
a7cbaba7e6421796c54254ab81aa837b8ddedc4f0d869a9279b0ddc8a3cc8c91
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6e9df566f59517f4c2bab0e5365c61ec48a298dac02b5aefbde7cafe38d380e
c2a3d042ca61f7d2e5d4878282fa8a80ebf3699f9f1fd933d4a8fdb79a7d0f75
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928
c6f1048ea95c6f40a1d29aef31db5ff0945a21fece9801089965df0661be29be
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9c50f26a6353f62378cf47b44ec865cc0c0903c8887505d68ba831bb9e30f9c
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
d5acca0418b6022b77128c4d32f183e11adacffa74f0da0965ece8f33692c2f6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ead40ced25fc0e11a2c6f0199a7a99ece80c1a3609ba6d01aeea50fe880896da
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb791f1e78261fe704941c630a8b79b6bbb5861d3226f32fd9b4e16e8933e5d7
fc978a9c1bfb4ba841137d2d18e679fb33c981d7ac0aa72084a3a72e84864feb

www.tortdefenders.com Open in urlscan Pro 172.64.153.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

78 Requests

91 %HTTPS

31 %IPv6

20 Domains

29 Subdomains

27 IPs

3 Countries

1024 kBTransfer

2544 kBSize

25 Cookies

0 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tortdefenders.com Open in urlscan Pro
172.64.153.235 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

91 %
HTTPS

31 %
IPv6

20
Domains

29
Subdomains

27
IPs

3
Countries

1024 kB
Transfer

2544 kB
Size

25
Cookies

78 HTTP transactions
2 data transactions