theviolentendofamerica.com Open in urlscan Pro
2606:4700:3031::ac43:af6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.harmoniandebate.com/?qs=450054bcbd5687c85025888a8f4c0ed3c0426e15dfc4e410d9065bbc23415dc551c22c1c503cb1895f03e9a30fe5...
Effective URL:
https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Submission: On September 14 via api (September 14th 2023, 2:21:56 pm UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 58 IPs in 6 countries across 53 domains to perform 126 HTTP transactions. The main IP is 2606:4700:3031::ac43:af6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is theviolentendofamerica.com.
TLS certificate: Issued by GTS CA 1P5 on August 30th 2023. Valid for: 3 months.

This is the only time theviolentendofamerica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.147.132 128.245.147.132	14340 (SALESFORCE) (SALESFORCE)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.102.165.129 34.102.165.129	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2606:4700:303... 2606:4700:3031::ac43:af6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:480... 2a02:26f0:480:f::213:7ece	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:780... 2a02:26f0:780::210:a469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a04:4e42:200... 2a04:4e42:200::644	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2600:9000:211... 2600:9000:211a:6600:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:239... 2600:9000:2394:ec00:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	18.194.60.143 18.194.60.143	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.77.247.132 3.77.247.132	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.215.85.23 52.215.85.23	16509 (AMAZON-02) (AMAZON-02)
1	54.77.169.39 54.77.169.39	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.65.188.50 3.65.188.50	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:1f18:612... 2600:1f18:612b:4232:333c:fbab:e531:2e93	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.255.244.27 34.255.244.27	16509 (AMAZON-02) (AMAZON-02)
1	3.123.197.153 3.123.197.153	16509 (AMAZON-02) (AMAZON-02)
1	63.33.100.143 63.33.100.143	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.50 13.225.78.50	16509 (AMAZON-02) (AMAZON-02)
1	3.130.41.166 3.130.41.166	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	() ()
126	58

1 128.245.147.132 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.harmoniandebate.com

click.harmoniandebate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.harmoniandebatenwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.165.129 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 129.165.102.34.bc.googleusercontent.com

www.p1nptrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3031::ac43:af6d (United States)

ASN13335 (CLOUDFLARENET, US)

theviolentendofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.portersnextwarning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn2.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:211a:6600:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2394:ec00:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.60.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-60-143.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.247.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-247-132.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.148.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.85.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-85-23.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.169.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-169-39.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.188.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-188-50.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:333c:fbab:e531:2e93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.244.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.197.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-197-153.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-50.fra2.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.41.166 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-41-166.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4672 embed-cloudfront.wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 7274 distillery.wistia.com — Cisco Umbrella Rank: 7156	5 MB
12	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4092 gum.criteo.com — Cisco Umbrella Rank: 450 mug.criteo.com — Cisco Umbrella Rank: 2385 sslwidget.criteo.com — Cisco Umbrella Rank: 2365 widget.us.criteo.com — Cisco Umbrella Rank: 26862 dis.criteo.com — Cisco Umbrella Rank: 641	54 KB
11	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3854	122 KB
10	wistia.net fast.wistia.net — Cisco Umbrella Rank: 8682	367 KB
10	theviolentendofamerica.com theviolentendofamerica.com	2 MB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1055 c.clarity.ms — Cisco Umbrella Rank: 1609 x.clarity.ms — Cisco Umbrella Rank: 8493	27 KB
5	portersnextwarning.com www.portersnextwarning.com	807 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 421 c.bing.com — Cisco Umbrella Rank: 273	15 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 557 p.typekit.net — Cisco Umbrella Rank: 727	387 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 268	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	229 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	4 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1861	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 349	140 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	216 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2288	315 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	162 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	3 KB
2	gstatic.com fonts.gstatic.com	75 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1209	17 KB
1	criteo.net static.criteo.net	449 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2555	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 785	338 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2295	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2782	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4737	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 30092	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2982	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 953	585 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 879	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1362	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 3467	274 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 786	199 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 966	342 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1283	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 433	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2604	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1595	99 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 613	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 402	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 719	786 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	google.de www.google.de — Cisco Umbrella Rank: 5677	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	decide.dev cdn2.decide.dev — Cisco Umbrella Rank: 31828	612 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1118	7 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 364	29 KB
1	p1nptrk.com 1 redirects www.p1nptrk.com	461 B
1	harmoniandebatenwl.com 1 redirects www.harmoniandebatenwl.com	762 B
1	harmoniandebate.com 1 redirects click.harmoniandebate.com	312 B
0	smartadserver.com Failed rtb-csync.smartadserver.com Failed
0	addevent.com Failed track.addevent.com Failed
126	53

	Domain	Requested by
11	embed-cloudfront.wistia.com	fast.wistia.net
11	dev.visualwebsiteoptimizer.com	theviolentendofamerica.com dev.visualwebsiteoptimizer.com
10	fast.wistia.net	theviolentendofamerica.com fast.wistia.net www.portersnextwarning.com
10	theviolentendofamerica.com	theviolentendofamerica.com static.cloudflareinsights.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	www.portersnextwarning.com	theviolentendofamerica.com
3	ib.adnxs.com	2 redirects
3	x.clarity.ms	www.clarity.ms
3	bat.bing.com	theviolentendofamerica.com bat.bing.com
3	www.googletagmanager.com	theviolentendofamerica.com www.googletagmanager.com
3	fonts.googleapis.com	theviolentendofamerica.com
3	use.typekit.net	theviolentendofamerica.com use.typekit.net
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	pipedream.wistia.com	fast.wistia.net
2	c.clarity.ms	1 redirects
2	fast.wistia.com	fast.wistia.net
2	www.facebook.com	theviolentendofamerica.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	region1.google-analytics.com	www.googletagmanager.com
2	dynamic.criteo.com	www.googletagmanager.com
2	connect.facebook.net	theviolentendofamerica.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	use.fontawesome.com	theviolentendofamerica.com
1	static.criteo.net	theviolentendofamerica.com
1	s.thebrighttag.com
1	distillery.wistia.com	fast.wistia.net
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	c.bing.com	1 redirects
1	mug.criteo.com	theviolentendofamerica.com
1	www.google.de	theviolentendofamerica.com
1	www.google.com	theviolentendofamerica.com
1	cdn2.decide.dev	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	theviolentendofamerica.com
1	cdn.jsdelivr.net	theviolentendofamerica.com
1	www.p1nptrk.com	1 redirects
1	www.harmoniandebatenwl.com	1 redirects
1	click.harmoniandebate.com	1 redirects
0	rtb-csync.smartadserver.com Failed
0	track.addevent.com Failed	theviolentendofamerica.com
126	66

This site contains links to these domains. Also see Links.

Domain
members.porterandcompanyresearch.com

Subject Issuer	Validity	Valid
*.theviolentendofamerica.com GTS CA 1P5	`2023-08-30` - `2023-11-28`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.portersnextwarning.com Cloudflare Inc ECC CA-3	`2023-02-15` - `2024-02-15`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
cdn2.decide.dev R3	`2023-09-03` - `2023-12-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Frame ID: 5FC380566303CB61F8057D03F761BA88
Requests: 66 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent
Frame ID: 26BA381DC48F81AC82036EA99089D235
Requests: 3 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent
Frame ID: 9BDC2EFD6229C6D245CE3D62498027A7
Requests: 26 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=theviolentendofamerica.com&origin=onetag
Frame ID: E90F6AAC4EE96205D77F8464964C5E07
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ke106aaXlrNHmXDEldYUXILTI-MjsNBk4Q8Hnw&google_gid=CAESENrXW_MCo5Uoiqm7qQAxVsI&google_cver=1&google_ula=913071,0
Frame ID: DA503D9C787D87337885D0F099CEA104
Requests: 29 HTTP requests in this frame

Frame: https://static.criteo.net/empty.html
Frame ID: EB09936B4E640034D06A70FAFA4475C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Violent End of America

Page URL History Show full URLs

https://click.harmoniandebate.com/?qs=450054bcbd5687c85025888a8f4c0ed3c0426e15dfc4e410d9065bbc23415dc551c22c1c... HTTP 302
https://www.harmoniandebatenwl.com/LR9KH/XN48XM/?source_id=PorEOA11&sub1=1&sub2=SFJokHD&sub3=SFJok&sub4=Kor&sub... HTTP 302
https://www.p1nptrk.com/326NL2/34NZM4/?sub5=5e92affc2da14b79bee66250a7b4fa4c HTTP 302
https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email= Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

126
Requests

89 %
HTTPS

43 %
IPv6

53
Domains

66
Subdomains

58
IPs

6
Countries

9586 kB
Transfer

14864 kB
Size

58
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://members.porterandcompanyresearch.com/porter-amp-co-disclosures-and-details-eoa2/
Title: Here

Search URL Search Domain Scan URL

URL: https://members.porterandcompanyresearch.com/privacy-policy/
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.harmoniandebate.com/?qs=450054bcbd5687c85025888a8f4c0ed3c0426e15dfc4e410d9065bbc23415dc551c22c1c503cb1895f03e9a30fe5fc519dd11af288971649 HTTP 302
https://www.harmoniandebatenwl.com/LR9KH/XN48XM/?source_id=PorEOA11&sub1=1&sub2=SFJokHD&sub3=SFJok&sub4=Kor&sub5=bryan.nandrasy@sabre.com HTTP 302
https://www.p1nptrk.com/326NL2/34NZM4/?sub5=5e92affc2da14b79bee66250a7b4fa4c HTTP 302
https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://gum.criteo.com/sid/json?origin=onetag&domain=theviolentendofamerica.com&sn=ChromeSyncframe&so=0&topUrl=theviolentendofamerica.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8uukL3wzdGo4dUtKQjJkWnM3Z2U1MHA3WFU0eDlmUGFhVEw4QldQRHc1M3A3ZlRGUnJtSlBJeGxBMlZvWGROWjFuUmMzL3RFU24wUlN6NVEzZWV2bVpOSDZnbGdYRlhTckRPSDBvdHBxeTNINVBwYXQ4NDFlUUpzWXYzZ3hPUGdFdk9adk9RdWsybk96WEQ1VEtYQXRyUm1KTjVjVDB2TGNERWZ2NmVtd1hqYmhGVXFjcktTRlp5aExSVTlEQVByUlVjNkg0dS9uSHArc1NZOWJJc3RtZEVMUjdIOHdoYjVqKzdLeU5IZHE4NTFKNUs0WTM5d0xGM053YWNhMnY4L2VTZ05UeEFaY1RoQTk1TzlHcUNCMHFBZjQycDRYdFA2WnNHaDRjaEZKRVp1UE5sQT18&cppv=2

Request Chain 73

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=578AC403D0DF433ABD1E95BEC4DE58AC&RedC=c.clarity.ms&MXFR=3CB78C860FAF63880EF99F0A0BAF6D57 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=578AC403D0DF433ABD1E95BEC4DE58AC&MUID=08D48A43103D6B5A149199CF11566A72

Request Chain 77

https://sslwidget.criteo.com/event?a=107528&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=OR-ALF9NQjZEYW9ua2J1ZEM2VHpWZFA2QTlaR0FtbjQlMkJ2T25XTDFXSCUyRkx0QkMyeHZYeSUyQnlQZVJjWWFFclpva2NhcG5HSkZ5NW1sJTJGYWtZOSUyQk1iZDBIOFR6VGc0a0YzbU15MXl1T1UyVWRCNW5COHVocm85akxIQjU0eDhYJTJCNjZmZ1RwVDRnS0FIejJuVTVkVWVDWGFONEZvUlA3c1BSS0pDMEtCWldXeUUlMkJOVnlhYyUzRA&tld=theviolentendofamerica.com&dy=1&fu=https%253A%252F%252Ftheviolentendofamerica.com%252F%253F_ef_transaction_id%253D6f10f4ae15774c07a98bd526258a13ff%2526email%253D&ceid=bcb8d377-63e3-46fa-b623-2f34cf341871&dtycbr=722 HTTP 302
https://widget.us.criteo.com/event?a=107528&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=OR-ALF9NQjZEYW9ua2J1ZEM2VHpWZFA2QTlaR0FtbjQlMkJ2T25XTDFXSCUyRkx0QkMyeHZYeSUyQnlQZVJjWWFFclpva2NhcG5HSkZ5NW1sJTJGYWtZOSUyQk1iZDBIOFR6VGc0a0YzbU15MXl1T1UyVWRCNW5COHVocm85akxIQjU0eDhYJTJCNjZmZ1RwVDRnS0FIejJuVTVkVWVDWGFONEZvUlA3c1BSS0pDMEtCWldXeUUlMkJOVnlhYyUzRA&tld=theviolentendofamerica.com&dy=1&fu=https%253A%252F%252Ftheviolentendofamerica.com%252F%253F_ef_transaction_id%253D6f10f4ae15774c07a98bd526258a13ff%2526email%253D&ceid=bcb8d377-63e3-46fa-b623-2f34cf341871&dtycbr=722

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ke106aaXlrNHmXDEldYUXILTI-MjsNBk4Q8Hnw&google_cm&google_hm=ay1rZTEwNmFhWGxyTkhtWERFbGRZVVhJTFRJLU1qc05CazRROEhudw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ke106aaXlrNHmXDEldYUXILTI-MjsNBk4Q8Hnw&google_gid=CAESENrXW_MCo5Uoiqm7qQAxVsI&google_cver=1&google_ula=913071,0

Request Chain 89

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3209968205154059339

Request Chain 100

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3dA9KaaXlrNHmXDEldYUXILTI-P8t-0nLpIJxw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3dA9KaaXlrNHmXDEldYUXILTI-P8t-0nLpIJxw&C=1

Request Chain 101

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KZzK2IJNqNn4SJTATiG8OdOuqku1nD9x HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZzK2IJNqNn4SJTATiG8OdOuqku1nD9x

Request Chain 116

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=P4gRnnBs9uqtlZ8apVCE9lNdFQf58evy

Request Chain 118

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=wClJS1ktzv2tcYGm1bVQuaKhfLFrDxQN

126 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
theviolentendofamerica.com/
Redirect Chain

https://click.harmoniandebate.com/?qs=450054bcbd5687c85025888a8f4c0ed3c0426e15dfc4e410d9065bbc23415dc551c22c1c503cb1895f03e9a30fe5fc519dd11af288971649
https://www.harmoniandebatenwl.com/LR9KH/XN48XM/?source_id=PorEOA11&sub1=1&sub2=SFJokHD&sub3=SFJok&sub4=Kor&sub5=bryan.nandrasy@sabre.com
https://www.p1nptrk.com/326NL2/34NZM4/?sub5=5e92affc2da14b79bee66250a7b4fa4c
https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

27 KB
9 KB

515ms
416ms

Document
text/html

2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a7558ecf6a9fe656f5dd7f20c14ac7962b0dbd8f614a46619b44e187475ebd9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8069471d6fff6951-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Sep 2023 14:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cazs1jOQZ2IuQNZpPj0LVmxkBNNXXqLSMa17QBrfr7SARb2kAgR4WTvBIjWoGaYMWnDE319ZaTptydxSuMY57G5AMKoC%2FrPG6%2F%2F32hYyy42S9oQOzRl958PyomJhbQnmy9iJTg66SIdRXimNtc8sRxgnIPJVFw4eUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121
content-type: text/html; charset=utf-8
date: Thu, 14 Sep 2023 14:21:41 GMT
location: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 8b8a9c20-9ee7-47bf-951a-b2417c8cbd71

GET
H2 200 main.css
theviolentendofamerica.com//end-of-america-3-asset/landing/ 169 B
499 B 220ms
217ms Stylesheet
text/css 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43e9a2fdfbd2b7b94c2bb186eb138e48fb87a96354d7dd77c1d9f9e431a6b570

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 16:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ef7564-a9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCArihhmbUZ%2FfAp9A9qUv6xcIHqErbau%2FmANb1Wn344W2YWVb235CXTum3tRQFvKejlKi5a%2BASKNsc2ZEkpRpNt7V7QHrrHKEkAh4IBVJHCt%2FxGQgkLV7XAQbDnSAbTTu8XdL0TaVBB%2FwNAJGyC1emPtOiHvwD1B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 806947206bf76951-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 nlq3txc.css
use.typekit.net/ 8 KB
1 KB 237ms
199ms Stylesheet
text/css 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nlq3txc.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c33c24e71c543a037db8cb8a91dda8abad821d2658af677370b623e82b549390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 14 Sep 2023 14:21:42 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1017

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
29 KB 60ms
28ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theviolentendofamerica.com/
Origin: https://theviolentendofamerica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1294490
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230122-FRA, cache-yyz4534-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHiSR3v%2FxwD%2F47zjwiCCBPRqWHz7Dp2rATsvEL7MD5cF60k3VM6o5FKRuDIFUdje%2FP7Qn10bJ4A2VxYW80Z1AFJV%2FrkSzcRo9TWXqlkw0XZiCyk3ulc24u3Y070hkNR6jKAai2pHqEADLy8amsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 806947209aabbb80-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 44ms
19ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A3RZM7K49QECFVFM
age: 1017069
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oavv8HFk5behjtNVpsWQaJ98GCSByzMcefDX5BG1eyA71OpNxqLZ5jqRZL14mslLrqONCSUxzKc=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PygurQthTf%2Bj8GxKqc4xR60fJA0ylPZ5QueFbzPX7RJHS%2F937xLoLNH5THFIly8y85e2cZolS1dCiTMOtaknTjvY3q8ZC9GRclxvMxk%2B2BgFitQ7lJBGCHisqkaQSoo4ZEholRP8Ap1PNnpJ33gMnjYG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 806947208f6ebba4-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 48ms
23ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FTPN7MFPDPTGYVP7
age: 1301282
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1z3SjVlzwCj4buU+iZX1i9l3bHBEkoJXF3gMzQpNsR3QhqKLbXKjLOq9SVzUn/sZehkE6nLM3r0=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ncxx1T84w%2FHAs1YZa7I5KmawvHh6%2B8SbsiiGAE2CRss41ITQudu1OvJXTQXg%2FTcrTIOgK%2BXWHbz%2BUZ5e2GFLeyWT%2FoQyXC8%2BjkAjV6iCINuEy4kURzwytj7MgWPz%2B3nnyMlo9%2BONsNHPeumRh2kUJcZP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 806947208f71bba4-FRA

GET
H2 200 css
fonts.googleapis.com/ 47 KB
3 KB 137ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e5e8efadc0a91b136a0c423605584fffb389787c5825e019ec7b7a0004cb47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:35:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 14:21:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
662 B 140ms
54ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter%3Aital%2Cslnt%2Cwght%400%2C-10..0%2C100..900&directory=3&display=block

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e08fc72de4465513b95b140d6cfc47b9d8d7c59d91c02f4fa1be947047914168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 14:17:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 14:21:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
621 B 141ms
55ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%7CLato+sans-serif%7CMerriweather%7CLato+sans-serif%7C%7C

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41323159445fea29848621b3002cc1d65a657136808b1b1922d7a933d3a71c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 14:21:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 14:21:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 200ms
55ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11176481438

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dfc2643cc1ccf0320bf24fa0cfa470721a3f4aedfd49de64a5d13f22900108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74539
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Sep 2023 14:21:42 GMT

GET
H2 200 lander.css
www.portersnextwarning.com/assets/ 425 KB
71 KB 175ms
100ms Stylesheet
text/css 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portersnextwarning.com/assets/lander.css
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 13:44:37 GMT
server: cloudflare
age: 293
etag: W/"6501bcc5-6a514"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1200
cf-ray: 80694720d9ad92b1-FRA
expires: Thu, 14 Sep 2023 14:41:41 GMT

GET
H2 200 application.js Show response
www.portersnextwarning.com/assets/userevents/ 5 KB
2 KB 34ms
33ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portersnextwarning.com/assets/userevents/application.js
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 13:44:37 GMT
server: cloudflare
age: 240
etag: W/"6501bcc5-147c"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 806947237c6f92b1-FRA
expires: Thu, 14 Sep 2023 14:41:42 GMT

GET
H3 200 EOA_Logo_Web2x.png
theviolentendofamerica.com/end-of-america-asset/landing/img/ 282 KB
283 KB 213ms
212ms Image
image/png 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theviolentendofamerica.com/end-of-america-asset/landing/img/EOA_Logo_Web2x.png

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34b934f43c9e2960df63379e7a3d43413fe70d1bb014c3658c434daceb8a98b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 16:57:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64ef7512-468a5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiCTVxW5mklP%2BuBRb3MHDODAvZSABqLse6NrXlpchpWPz0WaGfE%2BUE%2BXeyH%2FRjlrWce4QYJ2mP6XcmMXkbdf0xGqXLXV147ym6fmNfR12Oen67tJvNfYmEVzRVfd8ViR6J4zQPxxC8hg%2BkBP78HoWrPWNJ9Dg9musg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80694723ac761e68-FRA
alt-svc: h3=":443"; ma=86400
content-length: 288933

GET
H2 200 lander.js Show response
www.portersnextwarning.com/assets/ 2 MB
663 KB 105ms
94ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portersnextwarning.com/assets/lander.js
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c7e8ccf2bd8f2c915ac24838e82f64e25f9e84891c474b75e6c72137715461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 13:46:08 GMT
server: cloudflare
age: 294
etag: W/"6501bd20-238672"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=1200
cf-ray: 806947220ad192b1-FRA
expires: Thu, 14 Sep 2023 14:41:42 GMT

GET
H2 200 pushcrew.js Show response
www.portersnextwarning.com/assets/ 637 B
1 KB 40ms
37ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.portersnextwarning.com/assets/pushcrew.js
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 13:44:37 GMT
server: cloudflare
age: 666
etag: W/"6501bcc5-27d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=84gdoxVN8X8E9kfIMGpItHzusV0fg8lLO2hSVDGAJXw-1694701302-0-AVEXGsutKyaTOL5whKfzpl9w0Ih6PxpMjnvnzTVN2w9S3slWFg0Bv7M3UYhsCD7gO9zH-lJc52euuGtRaQW7tDKMbIEtWZ4Lq53sz19_wtfDEdX9auJhZJsYgU7v1th3qLVFf_dS-thFOZOvjHd8HUvWNExBztoBpsewMazK0Bay"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/x-javascript
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=84gdoxVN8X8E9kfIMGpItHzusV0fg8lLO2hSVDGAJXw-1694701302-0-AVEXGsutKyaTOL5whKfzpl9w0Ih6PxpMjnvnzTVN2w9S3slWFg0Bv7M3UYhsCD7gO9zH-lJc52euuGtRaQW7tDKMbIEtWZ4Lq53sz19_wtfDEdX9auJhZJsYgU7v1th3qLVFf_dS-thFOZOvjHd8HUvWNExBztoBpsewMazK0Bay; report-to cf-csp-endpoint
cache-control: public, max-age=1200
cf-ray: 80694723bc8b92b1-FRA
expires: Thu, 14 Sep 2023 14:41:42 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 149ms
66ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://theviolentendofamerica.com/
Origin: https://theviolentendofamerica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 806947243ab44d56-FRA

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 57 KB
12 KB 75ms
32ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=735035&u=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&f=1&vn=1.5
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: a52e1a46ec648fe866225ea332e269742e2202ef82fda621c65b6e92e5edbd17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1694699424_EA"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 va_gq-a84b2b2ef3ad495f79afaa20352a7699.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 233 KB
61 KB 41ms
23ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-a84b2b2ef3ad495f79afaa20352a7699.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=735035&u=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&f=1&vn=1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 0e2bbe173a81a58fe887105095c0b7eb027b78523d46c8dfea962f6407cc0f8a

Request headers

Referer: https://theviolentendofamerica.com/
Origin: https://theviolentendofamerica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 14 Sep 2023 11:18:51 GMT
server: gams1
etag: "6502ec1b-f363"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62307

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
54 B 103ms
101ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=735035&d=theviolentendofamerica.com&u=D0F8BF3C94156CB8DF10D52DBCB70ED46&h=dad48dfd369be223272dcef8202a8bd8&t=false&r=0.351074056655855

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:41 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
BLOB 200
OK f5070ad1-ce88-4348-aef8-41e4c2340132
https://theviolentendofamerica.com/ 924 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theviolentendofamerica.com/f5070ad1-ce88-4348-aef8-41e4c2340132
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d9a2255c5d56bee7e19b3c7a4b2abb623a70fb4b0641f1f8bc793b7bd09441

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length: 924
Content-Type: application/javascript

GET
H3 200 normalize.css
theviolentendofamerica.com//end-of-america-3-asset/landing/css/ 6 KB
2 KB 211ms
203ms Stylesheet
text/css 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com//end-of-america-3-asset/landing/css/normalize.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4236ee4207e1be90de5c2d64bcf193cf7a5d979816719fdd1d0b26a6d7489423

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 16:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ef7564-17ab"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZjqgWtH04xPEn77b%2BM6YrykGFhL%2FBG2eUL436%2BMFAGDQI7PeGnuS7ktdb25FFwqAEqO2DXY1P9RjpNzgVFFlagW9O66J%2FgLaCpP%2BcgL%2BiGClgzGXQ4dIDDBENPC8ksvO8x13ig7XJKzKYcmxljv5tZgpdsvRWKM7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8069472209de1e68-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gsweb.css
theviolentendofamerica.com//end-of-america-3-asset/landing/css/ 81 KB
7 KB 205ms
196ms Stylesheet
text/css 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com//end-of-america-3-asset/landing/css/gsweb.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97909381904d8e94fb354f9ae96f03023816433483bace2727dafbc031122d6d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 16:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ef7564-14298"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7IiN49x3U1iik%2BixQZpsujcinHCPKGad2CdpeFa4niZfLzJDj5nRNXApHURwza2LTUTScjzBZt9HPUMyiWEwE5aZHCe1MdgNTKWysZp6wM%2BiwrrEjqDHAjpRK3i8NRpb6XDxYGcTbtGiR%2BRDf23SMHWsoeqwNpPIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8069472209df1e68-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 custom.css
theviolentendofamerica.com//end-of-america-3-asset/landing/css/ 5 KB
2 KB 204ms
195ms Stylesheet
text/css 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com//end-of-america-3-asset/landing/css/custom.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479e242486eafa2dc1c88918131d0c5fa9faeeb94b79bb6a637acf4c10e1a75d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 16:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ef7564-123f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdqtacjtZbKUTt6Zx6XP1rArkCYop1Aej%2FYqFM4BXvQi95VLuNtL3WphPhy8Qk%2B2rRslQtGSJgUkv2986sBD0mk%2Bq9wareI78MG3tVK1gNfRZN2voMjL7DVtnOTryoFfQbsuxCf0dqH1FPdmWnBgT53XofwUtnJCiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8069472209e21e68-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
theviolentendofamerica.com//end-of-america-3-asset/landing/css/ 20 KB
5 KB 206ms
197ms Stylesheet
text/css 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com//end-of-america-3-asset/landing/css/style.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

224af160e5a2176dabf981a2e946544dd493b7d1b3bf16de9db9356230dbbeb0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 31 Aug 2023 20:47:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f0fc55-4fa2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pU6gFQfZGE%2FuctJTl0j%2F5%2FZaXfj9K0kVbavyaVF58yoDexmT7DR75xRK5ZovffiqaSK1F2cAOd78Y5XqreVtYpTZIUAR1LT5HLrIutehggKC%2FMmTydSNUT5V1Bgz1tCvAICso2GfRjjeHtrEAZkqWBJXYBRquxv5jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8069472209e41e68-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lander.css
theviolentendofamerica.com//end-of-america-3-asset/landing/css/ 425 KB
70 KB 231ms
224ms Stylesheet
text/css 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com//end-of-america-3-asset/landing/css/lander.css

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com//end-of-america-3-asset/landing/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 16:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ef7564-6a511"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1Hk4qrAtD79uWIfu1H4Epygbu1d9Hf5cnpODtNoMQkEEsk1tpHRjv5%2FGzg%2FD9zCBLdIkdvvmDAFOOjjDvWdz%2FsE2%2BmGtpNtL7ZEB%2B%2Bcshr1AaLNsqPF4mHDGLwDBh0asAGZRU%2BgG2fmBmCOothweHykCCseMVLU8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8069472209e51e68-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 48ms
6ms Stylesheet
text/css 2a02:26f0:780::210:a469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=nlq3txc&ht=tk&f=24323.24324.24325.24326.52107.52108.52109.52110.52111.52112&a=162784436&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nlq3txc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 105ms
103ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=735035&u=D1F6E191FED7E4B478B61AE3A0E6C0A37&s=1694701301&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1694701302087%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&r=1&p=0&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1694701301118&v=09fa79034

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:42 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 track-a84b2b2ef3ad495f79afaa20352a7699.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 13 KB
4 KB 25ms
22ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-a84b2b2ef3ad495f79afaa20352a7699.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-a84b2b2ef3ad495f79afaa20352a7699.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: b235dc8a24a740947ab517f6afa72b6ffc8fb69bf4c1bc348c6c403cc9783b79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 14 Sep 2023 11:18:58 GMT
server: gams1
etag: "6502ec22-fca"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4042

GET
H3 200 opa-f177818f78db753d675b25de59bf3695.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 118 KB
30 KB 24ms
21ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-f177818f78db753d675b25de59bf3695.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-a84b2b2ef3ad495f79afaa20352a7699.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: c6ef87514f885d15cb7f9258fa79968706196960860701027c84a8a06f5826ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 14 Sep 2023 11:18:51 GMT
server: gams1
etag: "6502ec1b-775b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30555

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 34ms
32ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=735035&settings_type=1&vn=&eventArch=1&uuid=&ec=221417|245750&c=16-1&exc=4|5|12|14|16|17
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-a84b2b2ef3ad495f79afaa20352a7699.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 391be06e9bd8cf80c781254de748bbfae4b1290314d2c0a1cfba29fbf74614ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1694699424_EA"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 109ms
107ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=735035&u=D1F6E191FED7E4B478B61AE3A0E6C0A37&s=1694701301&p=1&tags={%22si%22:{%2216%22:%221%22}}&update=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1694701301222&v=09fa79034&_cu=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:41 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H3 200 t
dev.visualwebsiteoptimizer.com/events/ 0
36 B 107ms
106ms Ping
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/events/t?en=vwo_variationShown&a=735035&v=09fa79034&_cu=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-a84b2b2ef3ad495f79afaa20352a7699.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theviolentendofamerica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Sep 2023 14:21:41 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1c
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: X-Device-User-Agent, Vwo-X-Forwarded-For
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 102ms
100ms Ping
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=16&account_id=735035&cu=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&combination=1&s=1&sId=1694701301&u=D1F6E191FED7E4B478B61AE3A0E6C0A37&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1694701302225%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&vn=undefined&vns=undefined&vno=undefined&eTime=1694701301252&v=09fa79034

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-a84b2b2ef3ad495f79afaa20352a7699.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:41 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
64 KB 190ms
109ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNTDPRD

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9217616f104d71b1a1d6dc548d6f34360acecaf65116d77dbda8c0690f213eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65330
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Sep 2023 14:21:42 GMT

GET
H2 200 V1.jpg
www.portersnextwarning.com/hosted/images/9e/f0eaf47291423da07e411824c26a09/ 71 KB
71 KB 44ms
43ms Image
image/jpeg 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.portersnextwarning.com/hosted/images/9e/f0eaf47291423da07e411824c26a09/V1.jpg
Requested by: Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2e9682aa6a8e9bc3e3321f1ba5d071dcead737cf78cf513b356cc030efbd11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Feb 2023 14:45:33 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
age: 4500
x-amz-cf-pop: FRA53-C1
etag: "6fb3ed2c4e3d1a5dbda693d201a8ab11"
cf-polished: degrade=85, origSize=74539
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80694723cca692b1-FRA
content-length: 72249

GET
H3 200 eoa-background-gradient.png
theviolentendofamerica.com//end-of-america-3-asset/landing/img/ 2 MB
2 MB 208ms
208ms Image
image/png 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theviolentendofamerica.com//end-of-america-3-asset/landing/img/eoa-background-gradient.png

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com//end-of-america-3-asset/landing/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1169b73641d873f00fac352b0709528742cb5cf64c9b569f82230ba4982b72f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com//end-of-america-3-asset/landing/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Aug 2023 16:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64ef7564-1deed2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3ajj9kXpZwR5SO8d4q02BCbEW6Y%2B6DKyFD4PTX0Z%2B%2F%2B4YFSSNAQ2wjOsAxMYqbOHEyyiCcACPU2ffiaHB9lyhZ4R%2BxjodL26udcttaXYPCMTkVpBg7ofggVr2K12opFPjyU1BCrq88TZvZMYLhogmPMOIxTdSLLpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 80694723ccac1e68-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1961682

GET
H2 200 xhr8bspm13 Show response
fast.wistia.net/embed/iframe/ Frame 26BA 73 KB
27 KB 24ms
8ms Document
text/html 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1b509a5fb33bb511052f63e26f68220e1e90df7a0164b28d617059159fdb3240

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://theviolentendofamerica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 97681
cache-control: public, no-cache
content-encoding: br
content-length: 27092
content-type: text/html; charset=utf-8
date: Thu, 14 Sep 2023 14:21:42 GMT
etag: W/"1b509a5fb33bb511052f63e26f68220e"
server: envoy
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 e21deb2f30f16d84eb8e8fda826091d4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: dBkL3ZjdD9h9Ot08RMtvBVmE8fWZvpAQbREzmC3v1L7pvx2Cz4XlEg==
x-amz-cf-pop: IAD61-P1
x-browser: chrome
x-browser-version: 117
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 57, 1
x-content-type-options: nosniff
x-ecma-v: modern
x-envoy-upstream-service-time: 271
x-permitted-cross-domain-policies: none
x-request-id: 2056c941-b814-4c32-9d09-c8f50d242ef2
x-runtime: 0.267113
x-served-by: cache-iad-kiad7000063-IAD, cache-fra-eddf8230136-FRA
x-timer: S1694701302.438601,VS0,VE2

GET
H2 200 l
use.typekit.net/af/f9f9de/0000000000000000774ba0e2/30/ 351 KB
351 KB 31ms
9ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f9f9de/0000000000000000774ba0e2/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nlq3txc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 856259c2193b33de46da370f5f2b93d54a791493265342832c6c4b3caba81dac

Request headers

Referer: https://use.typekit.net/nlq3txc.css
Origin: https://theviolentendofamerica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
server: nginx
etag: "f13576fa171ab5d2a34b4c3aebd2a1bf6d74050e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 359484

GET
H2 200 l
use.typekit.net/af/9aa147/00000000000000007735a52b/30/ 34 KB
35 KB 29ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9aa147/00000000000000007735a52b/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nlq3txc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 68b8f37832d40fad29129bde52f9241ad380aa1fec8e5f320d8f2e14cf14a921

Request headers

Referer: https://use.typekit.net/nlq3txc.css
Origin: https://theviolentendofamerica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
server: nginx
etag: "87496ee1ffc01f1ccf94a5fff74bdbddeccf2e39"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35228

GET
H2 200 UcCo3FwrK3iLTcviYwY.woff2
fonts.gstatic.com/s/inter/v12/ 54 KB
54 KB 162ms
73ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcCo3FwrK3iLTcviYwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter%3Aital%2Cslnt%2Cwght%400%2C-10..0%2C100..900&directory=3&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cfec62c364c089175e62d9bdfaddf70be2aa43253fb6a147f3968a3011c66bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theviolentendofamerica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:59:04 GMT
x-content-type-options: nosniff
age: 454958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55612
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:02:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 07:59:04 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 122ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%7CLato+sans-serif%7CMerriweather%7CLato+sans-serif%7C%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theviolentendofamerica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:27:01 GMT
x-content-type-options: nosniff
age: 406481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:27:01 GMT

GET /
track.addevent.com/atc/ 0
0

GET insideIframe.js
fast.wistia.net/assets/external/ Frame 26BA 0
0

GET E-v1.js
fast.wistia.net/assets/external/ Frame 26BA 0
0

GET
H2 200 xhr8bspm13 Show response
fast.wistia.net/embed/iframe/ Frame 9BDC 73 KB
27 KB 10ms
9ms Document
text/html 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent

Requested by

Host: www.portersnextwarning.com
URL: https://www.portersnextwarning.com/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

1b509a5fb33bb511052f63e26f68220e1e90df7a0164b28d617059159fdb3240

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://theviolentendofamerica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 97681
cache-control: public, no-cache
content-encoding: br
content-length: 27092
content-type: text/html; charset=utf-8
date: Thu, 14 Sep 2023 14:21:42 GMT
etag: W/"1b509a5fb33bb511052f63e26f68220e"
server: envoy
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 e21deb2f30f16d84eb8e8fda826091d4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: dBkL3ZjdD9h9Ot08RMtvBVmE8fWZvpAQbREzmC3v1L7pvx2Cz4XlEg==
x-amz-cf-pop: IAD61-P1
x-browser: chrome
x-browser-version: 117
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 57, 3
x-content-type-options: nosniff
x-ecma-v: modern
x-envoy-upstream-service-time: 271
x-permitted-cross-domain-policies: none
x-request-id: 2056c941-b814-4c32-9d09-c8f50d242ef2
x-runtime: 0.267113
x-served-by: cache-iad-kiad7000063-IAD, cache-fra-eddf8230136-FRA
x-timer: S1694701303.819294,VS0,VE0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11176481438/ 3 KB
2 KB 231ms
136ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11176481438/?random=1694701302828&cv=11&fst=1694701302828&bg=ffffff&guid=ON&async=1&gtm=45be39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&hn=www.googleadservices.com&frm=0&tiba=The%20Violent%20End%20of%20America&auid=632667114.1694701303&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11176481438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfb3c7afa00edab87b58093de050afee47aaa74d9676d23e971d6349bb401191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 worker.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 23ms
22ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-f177818f78db753d675b25de59bf3695.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 14 Sep 2023 11:18:51 GMT
server: gams1
etag: "6502ec1b-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 9BDC 45 KB
12 KB 12ms
11ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24f7cd37795b4af931607af4069fd1e34441fe2999a4ded68c13f3e76197bb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 159
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12067
x-served-by: cache-iad-kjyo7100111-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Thu, 14 Sep 2023 13:17:53 GMT
server: AmazonS3
x-timer: S1694701303.903161,VS0,VE0
etag: "c2befee6098e5e462e08db8195131418"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: de97819d8e7641abb66edea805191c22109fb689
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21, 3

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 9BDC 731 KB
125 KB 11ms
11ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

939c52b61df42d9bf9ff58f4c8ad4c2e67f8b935b97cc74930245c3447837e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 160
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 127229
x-served-by: cache-iad-kjyo7100133-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Thu, 14 Sep 2023 13:17:52 GMT
server: AmazonS3
x-timer: S1694701303.903051,VS0,VE0
etag: "5eb7694ad68f097048c809e3dc4c4609"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: de97819d8e7641abb66edea805191c22109fb689
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24, 4

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
91 KB 78ms
64ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGEE0DBQV3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNTDPRD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bae30c76ae7c077c422794b8e1d94a3b7286b8e03a159306fa8091f3faaad23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 14:21:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 47ms
12ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Sep 2023 14:21:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: GRRu2HBTSullhD0SraAu3DY8goQAaC/py0ZI8kF+C+Zughi0vG/xeOPx5lGXMJr3Or34IzZj9T1Synbat9PEmA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 306ms
15ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=105686

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNTDPRD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ee3411377123099a79ce77538a2a824cba204d7c37d02464aee63aaf13b53ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 72ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 14 Sep 2023 14:21:42 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 633C2164095D4C8EA733AED147C5897D Ref B: FRAEDGE1516 Ref C: 2023-09-14T14:21:42Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 309ms
18ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=107528

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNTDPRD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

659eb28077f53acb0d0831d20e4179afe6bad0a4353be56ced0026004a34c278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 lander.js Show response
cdn2.decide.dev/_js/ct/16128933770802432/ 822 B
612 B 109ms
21ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.decide.dev/_js/ct/16128933770802432/lander.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNTDPRD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 527b41cc413c2b5f0307af2e950d9d767eca38bcd963aae095c57363dccbf1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: gzip
via: 1.1 google
x-hw: 1694701303.cds201.am5.hn,1694701303.cds113.am5.c
content-type: application/x-javascript
cache-control: max-age=2230
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415

GET
H2 200 videoThumbnail.js Show response
fast.wistia.net/assets/external/ Frame 9BDC 72 KB
19 KB 12ms
12ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

adc874a577e654ef40bb6a6b6e27d4d70d1b59e076542785981861babe2f9b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 157
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 19532
x-served-by: cache-iad-kcgs7200111-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Thu, 14 Sep 2023 13:17:53 GMT
server: AmazonS3
x-timer: S1694701303.105442,VS0,VE1
etag: "f9ed1cd3ddc439e7a32c653e2305eae4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: de97819d8e7641abb66edea805191c22109fb689
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 1

GET
H2 200 343068019.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343068019.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1303ad3dbd0a38613902bb5e3859b896203ff360b2a8947c198736cf01bd2e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 14 Sep 2023 14:21:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F5DAACC75254024B2A4641D3EC556C3 Ref B: FRAEDGE1516 Ref C: 2023-09-14T14:21:43Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
285 B 36ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343068019&Ver=2&mid=8e1b0fba-ab25-42ef-8b6d-c39496ffbf68&sid=07397b30530a11eea5db259171ef77de&vid=0739e2b0530a11eea182ff28d4c1157c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Violent%20End%20of%20America&p=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&r=&lt=2664&evt=pageLoad&sv=1&rn=947750

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 14 Sep 2023 14:21:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D888B522B52D4043AEA0B1EE02DAC43D Ref B: FRAEDGE1516 Ref C: 2023-09-14T14:21:43Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 277424178260842 Show response
connect.facebook.net/signals/config/ 408 KB
110 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/277424178260842?v=2.9.125&r=stable&domain=theviolentendofamerica.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66b2b99be59f28f608d5a62ef50aae82f229d6fb9b9d44cf928ca667fd191bfc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Sep 2023 14:21:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: b8Qy22Abg1TCBlx2ymAjyxbTnvR4FTwWaR3HBb70gM8+wOaK9dQ0C0RSQgbz9ZcKkFScYw+eWfI8Me8mSh1gqA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 51ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GGEE0DBQV3&gtm=45je39b0&_p=1576370472&cid=59885156.1694701303&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694701303&sct=1&seg=0&dl=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&dt=The%20Violent%20End%20of%20America&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGEE0DBQV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theviolentendofamerica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11176481438/ 42 B
455 B 130ms
49ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11176481438/?random=1694701302828&cv=11&fst=1694700000000&bg=ffffff&guid=ON&async=1&gtm=45be39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&frm=0&tiba=The%20Violent%20End%20of%20America&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2043525355&rmt_tld=0&ipr=y

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11176481438/ 42 B
455 B 138ms
54ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11176481438/?random=1694701302828&cv=11&fst=1694700000000&bg=ffffff&guid=ON&async=1&gtm=45be39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&frm=0&tiba=The%20Violent%20End%20of%20America&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2043525355&rmt_tld=1&ipr=y

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 343068019 Show response
www.clarity.ms/tag/uet/ 878 B
1 KB 153ms
113ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343068019
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343068019.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cd532c10b97592f6e53c4b99c0637a5dbcb7ad8a533918ca1a460926f4d83692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: -1
date: Thu, 14 Sep 2023 14:21:43 GMT
x-azure-ref: 20230914T142143Z-s2xywzbfgx1fm59k7qdzuxaw2c00000003m000000000bsra
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 878
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 9BDC 79 KB
21 KB 16ms
15ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96bdbfc5920f60b62c1887eb76735c3780b77303ae572773a958e0d3cc2c7d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/E-v1.js
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 158
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21011
x-served-by: cache-iad-kjyo7100117-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Thu, 14 Sep 2023 13:17:53 GMT
server: AmazonS3
x-timer: S1694701303.211544,VS0,VE9
etag: "540383ce0b78cd15a98de3f56f075662"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: de97819d8e7641abb66edea805191c22109fb689
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25, 1

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 9BDC 473 KB
115 KB 19ms
19ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a3343c417818542610c8c7ca20808de3f2cc1c71c960b1900ca186f11a15c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/E-v1.js
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 159
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117728
x-served-by: cache-iad-kjyo7100050-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Thu, 14 Sep 2023 13:17:52 GMT
server: AmazonS3
x-timer: S1694701303.265122,VS0,VE2
etag: "1588bde24d952a346531c512d4690482"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: de97819d8e7641abb66edea805191c22109fb689
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 1

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E90F 15 KB
6 KB 59ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=theviolentendofamerica.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=105686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://theviolentendofamerica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 14:21:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 362557
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 32ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277424178260842&ev=PageView&dl=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&rl=&if=false&ts=1694701303361&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1694701303359.1838966375&it=1694701303127&coo=false&rqm=GET

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Sep 2023 14:21:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 xhr8bspm13.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 9BDC 1 KB
2 KB 28ms
8ms XHR
application/x-mpegurl 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/xhr8bspm13.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f07b169e75c16fc35b57f94cd71bb5c9f2a0bf301d8c2bf23fe1960a3b8c855d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
via: 1.1 f61b2fd488f2b56ce284c14d3ee66f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 38675
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 37
content-length: 1354
x-request-id: 698a356e-0e16-4ce0-a90b-9c13022475a7
x-served-by: cache-iad-kjyo7100051-IAD, cache-fra-eddf8230088-FRA
x-runtime: 0.036216
x-browser-version: 117
server: envoy
x-timer: S1694701303.450252,VS0,VE1
etag: W/"f07b169e75c16fc35b57f94cd71bb5c9"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nIdRsNHLFotd8AmN2K9fwpsKD-8j6MGo5Bt3A8CfpO62z6viQWhcLA==
x-cache-hits: 18, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 9BDC 1 KB
1 KB 7ms
7ms Image
image/gif 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 362
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kiad7000175-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1694701303.431966,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2206727, 4

GET
H2

200

sid Show response
mug.criteo.com/ Frame E90F
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=theviolentendofamerica.com&sn=ChromeSyncframe&so=0&topUrl=theviolentendofamerica.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8uukL3wzdGo4dUtKQjJkWnM3Z2U1MHA3WFU0eDlmUGFhVEw4QldQRHc1M3A3ZlRGUnJtSlBJeGxBMlZvWGROWjFuUmMzL3RFU24wUlN6NVEzZWV2bVpOSDZnbGdYRlhTckRPSDBvdHBxeTNINVBwYXQ4NDFlUUpzWXYzZ3...

463 B
679 B

92ms
39ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8uukL3wzdGo4dUtKQjJkWnM3Z2U1MHA3WFU0eDlmUGFhVEw4QldQRHc1M3A3ZlRGUnJtSlBJeGxBMlZvWGROWjFuUmMzL3RFU24wUlN6NVEzZWV2bVpOSDZnbGdYRlhTckRPSDBvdHBxeTNINVBwYXQ4NDFlUUpzWXYzZ3hPUGdFdk9adk9RdWsybk96WEQ1VEtYQXRyUm1KTjVjVDB2TGNERWZ2NmVtd1hqYmhGVXFjcktTRlp5aExSVTlEQVByUlVjNkg0dS9uSHArc1NZOWJJc3RtZEVMUjdIOHdoYjVqKzdLeU5IZHE4NTFKNUs0WTM5d0xGM053YWNhMnY4L2VTZ05UeEFaY1RoQTk1TzlHcUNCMHFBZjQycDRYdFA2WnNHaDRjaEZKRVp1UE5sQT18&cppv=2

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a6cbc6f2dea20b288ddb809ed831e9c92add8f3b6d81abdbc51a6a5d04b9ea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 14290794
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8uukL3wzdGo4dUtKQjJkWnM3Z2U1MHA3WFU0eDlmUGFhVEw4QldQRHc1M3A3ZlRGUnJtSlBJeGxBMlZvWGROWjFuUmMzL3RFU24wUlN6NVEzZWV2bVpOSDZnbGdYRlhTckRPSDBvdHBxeTNINVBwYXQ4NDFlUUpzWXYzZ3hPUGdFdk9adk9RdWsybk96WEQ1VEtYQXRyUm1KTjVjVDB2TGNERWZ2NmVtd1hqYmhGVXFjcktTRlp5aExSVTlEQVByUlVjNkg0dS9uSHArc1NZOWJJc3RtZEVMUjdIOHdoYjVqKzdLeU5IZHE4NTFKNUs0WTM5d0xGM053YWNhMnY4L2VTZ05UeEFaY1RoQTk1TzlHcUNCMHFBZjQycDRYdFA2WnNHaDRjaEZKRVp1UE5sQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 299991
content-length: 0
expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 29ms
29ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343068019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: br
last-modified: Tue, 05 Sep 2023 13:50:16 GMT
etag: W/"0x8DBAE170900AD3F"
vary: Accept-Encoding
x-azure-ref: 20230914T142143Z-s2xywzbfgx1fm59k7qdzuxaw2c00000003m000000000bssb
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ea9c9f47-701e-005c-6f67-e37b83000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 434961dd39ec2e6628c510cf77fb3bc4290f037a.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ Frame 9BDC 125 KB
126 KB 61ms
21ms XHR
application/vnd.apple.mpegurl 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/434961dd39ec2e6628c510cf77fb3bc4290f037a.m3u8
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 1f62ff6b5b82f36c50748f896f89ec03fe27d9466d4140792c0cce5f1a37c89e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 01:46:46 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 736497
edge-cache-tag: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 334
content-length: 128340
surrogate-key: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7yMD7RPma4UfiNOQlmHG4tWyNufN1F27eYYV0wke85gBl605O-hoRA==
expires: Thu, 05 Sep 2024 01:46:46 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame 9BDC 45 KB
18 KB 7ms
7ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/assets/external/E-v1.js
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 159
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18267
x-served-by: cache-iad-kiad7000093-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Thu, 14 Sep 2023 13:17:53 GMT
server: AmazonS3
x-timer: S1694701303.475581,VS0,VE0
etag: "9273139b4f23d8c9635da27dfe1931ba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: de97819d8e7641abb66edea805191c22109fb689
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27, 2

GET
DATA 200
OK truncated
/ Frame 9BDC 8 KB
8 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938a19aa964680c64c663d113e941222a537fbc54e315382fdc6569bf088ac21

Request headers

Referer
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=578AC403D0DF433ABD1E95BEC4DE58AC&RedC=c.clarity.ms&MXFR=3CB78C860FAF63880EF99F0A0BAF6D57
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=578AC403D0DF433ABD1E95BEC4DE58AC&MUID=08D48A43103D6B5A149199CF11566A72

42 B
443 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=578AC403D0DF433ABD1E95BEC4DE58AC&MUID=08D48A43103D6B5A149199CF11566A72
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DF501A659A348F4B05AE6AEA6B30D75 Ref B: FRAEDGE1516 Ref C: 2023-09-14T14:21:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=578AC403D0DF433ABD1E95BEC4DE58AC&MUID=08D48A43103D6B5A149199CF11566A72
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 rum Show response
theviolentendofamerica.com/cdn-cgi/ 0
72 B 10ms
9ms XHR
text/plain 2606:4700:3031::ac43:af6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theviolentendofamerica.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:af6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
content-type: application/json

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8069472b2fdb1e68-FRA
x-frame-options: DENY

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/434961dd39ec2e6628c510cf77fb3bc4290f037a.m3u8/ Frame 9BDC 2 MB
2 MB 21ms
21ms XHR
video/mp2t 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/434961dd39ec2e6628c510cf77fb3bc4290f037a.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 401d4928682a47ae3ab0fdcd92d2d0a52a68cb99d3003e09f9cab6e84f57ef69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 01:46:46 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 736496
edge-cache-tag: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 224
content-length: 1633720
surrogate-key: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ORdVGn74j1zZWKQg1xcKSMSASvcOgIvyqg-KnqZQ0hdqa8Q_mbHR4g==
expires: Thu, 05 Sep 2024 01:46:46 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 9BDC 2 B
328 B 134ms
98ms Fetch
text/plain 2600:9000:2394:ec00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:ec00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
via: 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: EWknLTz5vK37kiCcnreFALMdM9o_nR5HjvkpG-8yw5shizI0xaQ-Jg==

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=107528&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=OR-ALF9NQjZEYW9ua2J1ZEM2VHpWZFA2QTlaR0Ft...
https://widget.us.criteo.com/event?a=107528&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=OR-ALF9NQjZEYW9ua2J1ZEM2VHpWZFA2QTlaR0Ft...

10 KB
4 KB

320ms
108ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=107528&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=OR-ALF9NQjZEYW9ua2J1ZEM2VHpWZFA2QTlaR0FtbjQlMkJ2T25XTDFXSCUyRkx0QkMyeHZYeSUyQnlQZVJjWWFFclpva2NhcG5HSkZ5NW1sJTJGYWtZOSUyQk1iZDBIOFR6VGc0a0YzbU15MXl1T1UyVWRCNW5COHVocm85akxIQjU0eDhYJTJCNjZmZ1RwVDRnS0FIejJuVTVkVWVDWGFONEZvUlA3c1BSS0pDMEtCWldXeUUlMkJOVnlhYyUzRA&tld=theviolentendofamerica.com&dy=1&fu=https%253A%252F%252Ftheviolentendofamerica.com%252F%253F_ef_transaction_id%253D6f10f4ae15774c07a98bd526258a13ff%2526email%253D&ceid=bcb8d377-63e3-46fa-b623-2f34cf341871&dtycbr=722

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

094746798d8ec50ce653201c01309a4d0a9366fec96d358769453a716c3cff4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12757563
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=107528&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=OR-ALF9NQjZEYW9ua2J1ZEM2VHpWZFA2QTlaR0FtbjQlMkJ2T25XTDFXSCUyRkx0QkMyeHZYeSUyQnlQZVJjWWFFclpva2NhcG5HSkZ5NW1sJTJGYWtZOSUyQk1iZDBIOFR6VGc0a0YzbU15MXl1T1UyVWRCNW5COHVocm85akxIQjU0eDhYJTJCNjZmZ1RwVDRnS0FIejJuVTVkVWVDWGFONEZvUlA3c1BSS0pDMEtCWldXeUUlMkJOVnlhYyUzRA&tld=theviolentendofamerica.com&dy=1&fu=https%253A%252F%252Ftheviolentendofamerica.com%252F%253F_ef_transaction_id%253D6f10f4ae15774c07a98bd526258a13ff%2526email%253D&ceid=bcb8d377-63e3-46fa-b623-2f34cf341871&dtycbr=722
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3112896
timing-allow-origin: *
content-length: 0
expires: 0

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
306 B 374ms
128ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theviolentendofamerica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://theviolentendofamerica.com
Date: Thu, 14 Sep 2023 14:21:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ Frame 9BDC 125 KB
126 KB 32ms
32ms XHR
application/vnd.apple.mpegurl 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: ea28ceb53bf1f9884496efb889cbb3dd6ffbe1c6bddac44b84de94321d5d6b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:18:32 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 756191
edge-cache-tag: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 80
content-length: 128340
surrogate-key: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: d5mvQ2D5ashi-kpKiqsBE5zdQMFwQJN4kZUxJtecW96UjZ9_TXp6wA==
expires: Wed, 04 Sep 2024 20:18:32 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/ Frame 9BDC 247 KB
248 KB 42ms
37ms XHR
video/mp2t 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3d968bba503a74e6ca681b132731b1e8778fdb2b89c3fb18cccafc3472d40a0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 01:12:31 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 392952
edge-cache-tag: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 170
content-length: 253048
surrogate-key: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xPbO1lXiSORdiGlD9NdFbaN6-JvuIxXJ9_Ntl22zUmq77Z3KMtnFZg==
expires: Mon, 09 Sep 2024 01:12:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 19ms
11ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277424178260842&ev=Microdata&dl=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&rl=&if=false&ts=1694701303865&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Violent%20End%20of%20America%22%2C%22meta%3Adescription%22%3A%22Porter%20Stansberry%27s%20shocking%20new%20video%20exposes%20the%20%231%20threat%20to%20your%20wealth%20in%202023%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Ftheviolentend.com%2Fend-of-america-asset%2Flanding%2Fimg%2Fvideo-title-screen-v1.jpg%22%2C%22og%3Atitle%22%3A%22The%20Violent%20End%20of%20America%22%2C%22og%3Adescription%22%3A%22Porter%20Stansberry%27s%20shocking%20new%20video%20exposes%20the%20%231%20threat%20to%20your%20wealth%20in%202023%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1694701303359.1838966375&it=1694701303127&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Sep 2023 14:21:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/ Frame 9BDC 215 KB
216 KB 33ms
33ms XHR
video/mp2t 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3661adfa834d5090ceefe824ac21d0f533f846e15d8bebeb0fb4875cc62faca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 16:36:32 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 683111
edge-cache-tag: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 114
content-length: 219960
surrogate-key: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: L7rcMRvRlfGnx5HmvhwJCBebjT6cSWo08vgIiqml-PWMLQPctXG-9A==
expires: Thu, 05 Sep 2024 16:36:32 GMT

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 9BDC 1 KB
1 KB 11ms
7ms Image
image/gif 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://fast.wistia.net/embed/iframe/xhr8bspm13?autoplay=0&wmode=transparent
Origin: https://fast.wistia.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 363
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kiad7000175-IAD, cache-fra-eddf8230136-FRA
x-browser-version: 117
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1694701304.976048,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2206727, 5

GET
H2 200 xhr8bspm13.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 9BDC 1 KB
1 KB 7ms
6ms XHR
application/x-mpegurl 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/xhr8bspm13.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f07b169e75c16fc35b57f94cd71bb5c9f2a0bf301d8c2bf23fe1960a3b8c855d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
via: 1.1 f61b2fd488f2b56ce284c14d3ee66f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 38676
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 37
content-length: 1354
x-request-id: 698a356e-0e16-4ce0-a90b-9c13022475a7
x-served-by: cache-iad-kjyo7100051-IAD, cache-fra-eddf8230088-FRA
x-runtime: 0.036216
x-browser-version: 117
server: envoy
x-timer: S1694701304.975592,VS0,VE0
etag: W/"f07b169e75c16fc35b57f94cd71bb5c9"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nIdRsNHLFotd8AmN2K9fwpsKD-8j6MGo5Bt3A8CfpO62z6viQWhcLA==
x-cache-hits: 18, 3

GET
H2 200 seg-4-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/ Frame 9BDC 188 KB
189 KB 61ms
60ms XHR
video/mp2t 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 2134dbd361a8f06b74e1af7fec0861dd70bc94059afe4437f1b76fed76d28503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 16:36:32 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 683112
edge-cache-tag: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 184
content-length: 192888
surrogate-key: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4KHY9yzmL_0AoE0zQjyQEfzYKID_CwkkvHTZiimo8bzBZMqsQR41fw==
expires: Thu, 05 Sep 2024 16:36:32 GMT

GET
H2 200 434961dd39ec2e6628c510cf77fb3bc4290f037a.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ Frame 9BDC 125 KB
126 KB 19ms
19ms XHR
application/vnd.apple.mpegurl 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/434961dd39ec2e6628c510cf77fb3bc4290f037a.m3u8
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 1f62ff6b5b82f36c50748f896f89ec03fe27d9466d4140792c0cce5f1a37c89e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 01:46:46 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 736497
edge-cache-tag: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 334
content-length: 128340
surrogate-key: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6hBChd29DDjKhmYhIMuLy2kAQkfIqft7n3kJKXa2Ow5CDfYPaSoSSg==
expires: Thu, 05 Sep 2024 01:46:46 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DA50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ke106aaXlrNHmXDEldYUXILTI-MjsNBk4Q8Hnw&google_cm&google_hm=ay1rZTEwNmFhWGxyTkhtWERFbGRZVVhJTFRJLU1qc05Ca...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ke106aaXlrNHmXDEldYUXILTI-MjsNBk4Q8Hnw&google_gid=CAESENrXW_MCo5Uoiqm7qQAxVsI&google_cver=1&google_ula=913071,0

43 B
369 B

16ms
16ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ke106aaXlrNHmXDEldYUXILTI-MjsNBk4Q8Hnw&google_gid=CAESENrXW_MCo5Uoiqm7qQAxVsI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 853338
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ke106aaXlrNHmXDEldYUXILTI-MjsNBk4Q8Hnw&google_gid=CAESENrXW_MCo5Uoiqm7qQAxVsI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame DA50 43 B
146 B 166ms
11ms Image
image/gif 18.194.60.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-A4WDgaaXlrNHmXDEldYUXILTI-NJ2Yi0l9kIWw&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.60.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-60-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DA50
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3209968205154059339

43 B
369 B

41ms
18ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3209968205154059339

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 935519
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:44 GMT
an-x-request-uuid: 820d06d4-1257-40b9-aed2-73fdf4c039d4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3209968205154059339
x-proxy-origin: 185.213.155.171; 185.213.155.171; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame DA50 53 B
786 B 197ms
145ms Image
image/gif 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-8VIuqaaXlrNHmXDEldYUXILTI-M8RLNGBRokeQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 14:21:44 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Thu, 14 Sep 2023 14:21:44 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame DA50 0
239 B 58ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-lcX_KKaXlrNHmXDEldYUXILTI-Pk4heLwjpQqw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame DA50 0
35 B 72ms
9ms Image
text/plain 3.77.247.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-DlXEEaaXlrNHmXDEldYUXILTI-N58fLpqOaKFw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT

GET /
rtb-csync.smartadserver.com/redir/ Frame DA50 0
0

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DA50 0
99 B 55ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-wUo0vqaXlrNHmXDEldYUXILTI-N-hZJ6tgCwNg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13659

GET
H2 200 um
criteo-sync.teads.tv/ Frame DA50 23 B
163 B 77ms
32ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-t9PlcqaXlrNHmXDEldYUXILTI-PTzhr7b3SxOQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Thu, 14 Sep 2023 14:21:44 GMT
pragma: no-cache
date: Thu, 14 Sep 2023 14:21:44 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame DA50 37 B
140 B 37ms
10ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-g8FN2qaXlrNHmXDEldYUXILTI-NmC0vxGJv5cA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame DA50 0
125 B 87ms
14ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-I_5NfaaXlrNHmXDEldYUXILTI-Pplyf_Gtjm5w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame DA50 43 B
163 B 94ms
22ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-FYh7VqaXlrNHmXDEldYUXILTI-M3rMzQ0D6Rmw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
last-modified: Fri, 28 Jul 2023 10:22:32 GMT
server: nginx
accept-ranges: bytes
etag: "64c396e8-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame DA50 49 B
342 B 114ms
20ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-7TA0VKaXlrNHmXDEldYUXILTI-N5ZUDufJfhQw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:43 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame DA50
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3dA9KaaXlrNHmXDEldYUXILTI-P8t-0nLpIJxw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3dA9KaaXlrNHmXDEldYUXILTI-P8t-0nLpIJxw&C=1

43 B
326 B

52ms
46ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3dA9KaaXlrNHmXDEldYUXILTI-P8t-0nLpIJxw&C=1
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmTx04MVqMZK56ontzvm5T6z0UrSOLqf%2BdtLH7GwtnAD3%2FfWuVeHmb56ry%2FAEe9wdLW1GaE2L2NKfA%2FOsIbNsLGCpnRhNzkxgjzJcTcpeYOV%2FJQMVJWk9m67q7ayAcsafKtt"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8069472f0f3f1c30-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiYzYh6yxcgD1oKsp8GSkkmd6uUBFjCkZe3G2LBpVwOVp79lCgPHgoekLlH1Jh37sFAE%2Fvsa2aYLR0QmEHeMWLIQIhegecbv3xLdNyguXbfnQHoHx2ZYArbFLBG3yh2awL0y"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-3dA9KaaXlrNHmXDEldYUXILTI-P8t-0nLpIJxw&C=1
cache-control: no-cache
cf-ray: 8069472eceeb1c30-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame DA50
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KZzK2IJNqNn4SJTATiG8OdOuqku1nD9x
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZzK2IJNqNn4SJTATiG8OdOuqku1nD9x

42 B
942 B

30ms
30ms

Image
image/gif

52.215.85.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZzK2IJNqNn4SJTATiG8OdOuqku1nD9x

Protocol

HTTP/1.1

Server

52.215.85.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-85-23.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-04729d04e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: d3IiAWcfQmI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-09fd9db29.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bKgE4ku3Tww=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KZzK2IJNqNn4SJTATiG8OdOuqku1nD9x
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 match
ad.360yield.com/ Frame DA50 43 B
199 B 136ms
29ms Image
image/gif 54.77.169.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jMAm1aaXlrNHmXDEldYUXILTI-MIyGLkPYWSYg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.77.169.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-169-39.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Sep 2023 14:21:44 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame DA50 42 B
274 B 71ms
23ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-_GAtsqaXlrNHmXDEldYUXILTI-N8UG9p2sLbRQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:43 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame DA50 0
882 B 79ms
10ms Image
text/html 3.65.188.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-_7N_TKaXlrNHmXDEldYUXILTI-PJhvzkPD0Rhg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.188.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-188-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame DA50 0
145 B 358ms
87ms Image
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Uuk6iaaXlrNHmXDEldYUXILTI-O8uJ7ljJX7ZQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 14:21:44 GMT
Cache-Control: no-cache
X-TraceId: 42344b890545de587616c04bc760e8df
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame DA50 42 B
585 B 54ms
15ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Rf_NQKaXlrNHmXDEldYUXILTI-MeE9CkSczy0w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 14 Sep 2023 14:21:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame DA50 43 B
399 B 322ms
104ms Image
image/gif 2600:1f18:612b:4232:333c:fbab:e531:2e93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-06qx7KaXlrNHmXDEldYUXILTI-PuevLQgLWhTQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:333c:fbab:e531:2e93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 14 Sep 2023 14:21:44 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame DA50 43 B
153 B 87ms
26ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-SNSQU6aXlrNHmXDEldYUXILTI-NjPh1832PA9g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Sep 2023 14:21:44 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame DA50 0
400 B 53ms
20ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-aME-IqaXlrNHmXDEldYUXILTI-N6zHZZiUSSQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 14:21:44 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 13 Sep 2023 14:21:44 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame DA50 0
38 B 117ms
29ms Image
text/plain 34.255.244.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-zstXDqaXlrNHmXDEldYUXILTI-OBkJ2oGYMXVw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.244.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame DA50 0
44 B 41ms
7ms Image
text/plain 3.123.197.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-LtqcLqaXlrNHmXDEldYUXILTI-NmvZWX9i2oQg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.197.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-197-153.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
server: awselb/2.0

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/434961dd39ec2e6628c510cf77fb3bc4290f037a.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 401d4928682a47ae3ab0fdcd92d2d0a52a68cb99d3003e09f9cab6e84f57ef69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 01:46:46 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 736497
edge-cache-tag: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 224
content-length: 1633720
surrogate-key: 434961dd39ec2e6628c510cf77fb3bc4290f037a-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yLCPX4QIV8xAdIs-HiiM4g0BtMBZ-SwtEKAXObur5gUQwd-6Jt6OuA==
expires: Thu, 05 Sep 2024 01:46:46 GMT

GET
H2 200 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ Frame 9BDC 125 KB
126 KB 25ms
25ms XHR
application/vnd.apple.mpegurl 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: ea28ceb53bf1f9884496efb889cbb3dd6ffbe1c6bddac44b84de94321d5d6b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:18:32 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 756192
edge-cache-tag: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 80
content-length: 128340
surrogate-key: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CHIpgr6w96EYoq_6wJn2OBwqCuLkmyD21D3R4s0OKMmt5yJNRnV9rA==
expires: Wed, 04 Sep 2024 20:18:32 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame DA50 0
15 B 14ms
13ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-I_5NfaaXlrNHmXDEldYUXILTI-Pplyf_Gtjm5w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame DA50 43 B
854 B 22ms
19ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-drBUnqaXlrNHmXDEldYUXILTI-OCg699nybxdw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:44 GMT
an-x-request-uuid: 6cf37144-514c-4582-bbfd-7558848f549d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.171; 185.213.155.171; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DA50
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=P4gRnnBs9uqtlZ8apVCE9lNdFQf58evy

0
338 B

104ms
30ms

Image
text/plain

63.33.100.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=P4gRnnBs9uqtlZ8apVCE9lNdFQf58evy
Protocol: H2
Server: 63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Thu, 14 Sep 2023 14:21:44 GMT
cache-control: private, no-cache, no-store
x-request-time: D=23 t=1694701304
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=P4gRnnBs9uqtlZ8apVCE9lNdFQf58evy
date: Thu, 14 Sep 2023 14:21:43 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 614248
content-length: 0

POST
H2 204 x
distillery.wistia.com/ Frame 9BDC 0
0 120ms
101ms Fetch 13.225.78.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-50.fra2.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: 6x4J6ONcJzXJfYGzrNMT9a7xTiwahcLmGnhuTUTqOG-I4qwvvFd9HA==

GET
H2

200

cs
s.thebrighttag.com/ Frame DA50
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=wClJS1ktzv2tcYGm1bVQuaKhfLFrDxQN

35 B
268 B

366ms
118ms

Image
image/gif

3.130.41.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=wClJS1ktzv2tcYGm1bVQuaKhfLFrDxQN
Protocol: H2
Server: 3.130.41.166 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-41-166.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:44 GMT
x-bt-requestid: 082a6ac0-530a-11ee-bf9d-0000ac1700e3
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=wClJS1ktzv2tcYGm1bVQuaKhfLFrDxQN
date: Thu, 14 Sep 2023 14:21:44 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 851042
content-length: 0

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 9BDC 2 B
327 B 99ms
98ms Fetch
text/plain 2600:9000:2394:ec00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:ec00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://fast.wistia.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Sep 2023 14:21:44 GMT
via: 1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: UwfLPUGqtolng6O7gQhHGYLf0rvspczjMy-Me3TkIaELxzibpyDtTA==

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
306 B 99ms
99ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theviolentendofamerica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://theviolentendofamerica.com
Date: Thu, 14 Sep 2023 14:21:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 seg-5-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/ Frame 9BDC 288 KB
289 KB 34ms
34ms XHR
video/mp2t 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/seg-5-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: baf9e85bda5edb9bd73004970f9be8d5e0dbb06296f2da2052431dcbb3150bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 11:36:52 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 269094
edge-cache-tag: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 235
content-length: 295160
surrogate-key: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7DnrVPxSRA0tBbpTQIL_v28CrNjiD7C31m7y7Uanc3Q3_NV-BqiPWg==
expires: Tue, 10 Sep 2024 11:36:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GGEE0DBQV3&gtm=45je39b0&_p=1576370472&cid=59885156.1694701303&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694701303&sct=1&seg=0&dl=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&dt=The%20Violent%20End%20of%20America&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGEE0DBQV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theviolentendofamerica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 14:21:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theviolentendofamerica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 empty.html Show response
static.criteo.net/ Frame EB09 111 B
449 B 62ms
18ms Document
text/html 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/empty.html

Requested by

Host: theviolentendofamerica.com
URL: https://theviolentendofamerica.com/?_ef_transaction_id=6f10f4ae15774c07a98bd526258a13ff&email=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0a7c567b36a7bfb198d6f6fbb8b26c0c1fbc557cd4f0fd696835974edd036f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://theviolentendofamerica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31104000 public
content-encoding: gzip
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 14:21:49 GMT
etag: W/"63dbe1a8-6f"
expires: Sun, 08 Sep 2024 14:21:49 GMT
last-modified: Thu, 02 Feb 2023 16:15:36 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 seg-6-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/ Frame 9BDC 323 KB
324 KB 34ms
33ms XHR
video/mp2t 2600:9000:211a:6600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/5788cf88a67f4ea41fd19e3d5e4a902b4ded652c.m3u8/seg-6-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:6600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 78f754f3ddfd17a6da0eac264f9c1edc86f81dda8bd145c98a74c25b062ba8de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 11:36:55 GMT
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: VIE50-C2
age: 269094
edge-cache-tag: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 73
content-length: 331256
surrogate-key: 5788cf88a67f4ea41fd19e3d5e4a902b4ded652c-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6UF88q4HzmpPW9ONK5S813mtMqRKqjE4zIsyd7cwHTmKdTdEhKf8Lg==
expires: Tue, 10 Sep 2024 11:36:55 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
306 B 96ms
96ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://theviolentendofamerica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://theviolentendofamerica.com
Date: Thu, 14 Sep 2023 14:21:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=995f144b-fb6c-4e32-e6b3-1f5f0096d652&url=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&cache=1694701302597

Domain: fast.wistia.net
URL: https://fast.wistia.net/assets/external/insideIframe.js

Domain: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-CirsJaaXlrNHmXDEldYUXILTI-NoZ1ij-macWg

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.p1nptrk.com/	1970-01-20 14:55:06	Name: uniqueClick_34NZM4 Value: 05c1cc0f-c936-49fd-b244-3e49ec07e09b:1694701301
www.p1nptrk.com/	1970-01-20 16:54:37	Name: transaction_id Value: 6f10f4ae15774c07a98bd526258a13ff
theviolentendofamerica.com/	1970-01-20 14:45:08	Name: XSRF-TOKEN Value: eyJpdiI6IkNjZWJYUlhMM1NzSC9BdWlIczZWVlE9PSIsInZhbHVlIjoiZVZOMUthQjRZempKM3ZKaWNHZXZBQlpoTkpNQ0dCTXdWZTdTNmN6N3hpcjRNQkV1UzhxZndNU1MxRlRpcERxbEpxR1hTaHpMS0RqZHBUNFl2d05wVGRsQ3JqOWVrek82ZDFDc1JZR01uL2RBMURaQ3MzWXBIMkRIbTRMOHk1MWUiLCJtYWMiOiIyMDdkMmU2YmFiMmViMWY0ZmI4ZjU3YzQ5MDVlMDAzMjVmMzBmYjVmZDFjZjRlNGJlMTU2M2UyMTE5MDc0YWNkIiwidGFnIjoiIn0%3D
theviolentendofamerica.com/	1970-01-20 14:45:08	Name: porter_session Value: eyJpdiI6IlovVVZDdUZnTm8rQzQ5TGtJRHpnQlE9PSIsInZhbHVlIjoiekE4Zm9Xa2JMRkFBVDdKM2JnRzV5K205eEp4U1JZMFd5N2VOekdwelRrR3F5bjdDd2U5YlZyNDNoUlZ2MFh6TDRRS1Z6V2pObDIvcnVEcytXdnJrK0pIa1Y5RGprMDRFaitOYjhzWkVnblVaZ0YrcUd0MDVpcFVTOFpHa0lVSXkiLCJtYWMiOiJlNjlmZGMzMTRhNThlM2M4ZmIxNGU5NTdlMzRkNjUzNTc3YjU4ZTZjN2UyYjU0NTU5MTBiNGI1YWEwZDJlOGQxIiwidGFnIjoiIn0%3D
dev.visualwebsiteoptimizer.com/	1970-01-20 17:09:01	Name: uuid Value: DB520782D4F8C5E87B1031D5F0B8ED395
.theviolentendofamerica.com/	1970-01-20 23:32:03	Name: _vwo_uuid_v2 Value: D0F8BF3C94156CB8DF10D52DBCB70ED46\|dad48dfd369be223272dcef8202a8bd8
.www.portersnextwarning.com/	1970-01-20 14:45:03	Name: __cf_bm Value: lHvSxOLB4AN577GcBHzlnCXgOspBgz1TsQRNDqHCe2I-1694701301-0-AeC+SbM+IJwE7oL7mVr2RhyEnkuupb3okuER8o4QRotWoaH2lYqFxle2xc7meMweyMsXD6EEGVsaAjNCn5bWfPAnz3LNQB62gpYwfDlDtVB1
.www.portersnextwarning.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Hac8Soph66fwi.BdPWvkN0rNAvY.Th_Lq4FRWU5w824-1694701301979-0-604800000
.theviolentendofamerica.com/	1970-01-21 00:21:01	Name: _vwo_uuid Value: D1F6E191FED7E4B478B61AE3A0E6C0A37
.theviolentendofamerica.com/	1970-01-20 17:09:01	Name: _vis_opt_s Value: 1%7C
.theviolentendofamerica.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.theviolentendofamerica.com/	1970-01-20 17:09:01	Name: _vis_opt_exp_16_combi Value: 1
.theviolentendofamerica.com/	1970-01-20 14:45:03	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
dev.visualwebsiteoptimizer.com/	1970-01-21 00:21:01	Name: _vwo_ssm Value: 1
theviolentendofamerica.com/	1970-01-20 23:30:37	Name: addevent_track_cookie Value: 995f144b-fb6c-4e32-e6b3-1f5f0096d652
theviolentendofamerica.com/	1970-01-20 23:30:37	Name: _ef_transaction_id Value: 6f10f4ae15774c07a98bd526258a13ff
theviolentendofamerica.com/	1970-01-20 23:30:37	Name: email Value:
.theviolentendofamerica.com/	1970-01-20 16:54:37	Name: _gcl_au Value: 1.1.632667114.1694701303
.theviolentendofamerica.com/	1970-01-20 16:54:37	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241694701301%3A23.11192513%3A%3A%3A5_0%2C4_0%3A0
.theviolentendofamerica.com/	1970-01-20 14:46:27	Name: _uetsid Value: 07397b30530a11eea5db259171ef77de
.theviolentendofamerica.com/	1970-01-21 00:06:37	Name: _uetvid Value: 0739e2b0530a11eea182ff28d4c1157c
.bing.com/	1970-01-21 00:06:37	Name: MUID Value: 08D48A43103D6B5A149199CF11566A72
.theviolentendofamerica.com/	1970-01-21 00:21:01	Name: _ga Value: GA1.1.59885156.1694701303
.theviolentendofamerica.com/	1970-01-21 00:21:01	Name: _ga_GGEE0DBQV3 Value: GS1.1.1694701303.1.0.1694701303.0.0.0
www.clarity.ms/	1970-01-20 23:30:37	Name: CLID Value: cef3ba4fd54846b9adf569c4238b2de1.20230914.20240913
.theviolentendofamerica.com/	1970-01-20 16:54:37	Name: _fbp Value: fb.1.1694701303359.1838966375
.criteo.com/	1970-01-21 00:06:37	Name: uid Value: 2317c51f-24d4-4efb-846a-d11dda680844
.theviolentendofamerica.com/	1970-01-20 23:30:37	Name: _clck Value: l08466\|2\|ff0\|0\|1352
.theviolentendofamerica.com/	1970-01-21 00:14:25	Name: cto_bundle Value: OR-ALF9NQjZEYW9ua2J1ZEM2VHpWZFA2QTlaR0FtbjQlMkJ2T25XTDFXSCUyRkx0QkMyeHZYeSUyQnlQZVJjWWFFclpva2NhcG5HSkZ5NW1sJTJGYWtZOSUyQk1iZDBIOFR6VGc0a0YzbU15MXl1T1UyVWRCNW5COHVocm85akxIQjU0eDhYJTJCNjZmZ1RwVDRnS0FIejJuVTVkVWVDWGFONEZvUlA3c1BSS0pDMEtCWldXeUUlMkJOVnlhYyUzRA
.c.bing.com/	1970-01-20 14:55:06	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:06:37	Name: SRM_B Value: 08D48A43103D6B5A149199CF11566A72
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:06:37	Name: MUID Value: 08D48A43103D6B5A149199CF11566A72
.c.clarity.ms/	1970-01-20 14:55:06	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:45:01	Name: ANONCHK Value: 0
.theviolentendofamerica.com/	1970-01-20 14:46:27	Name: _clsk Value: 6ubna2\|1694701303983\|1\|1\|x.clarity.ms/collect
.adnxs.com/	1970-01-20 16:54:37	Name: uuid2 Value: 3209968205154059339
.casalemedia.com/	1970-01-20 23:30:37	Name: CMID Value: ZQMW.Ht7-qcopXSIp-yxXQAA
.casalemedia.com/	1970-01-20 16:54:37	Name: CMPS Value: 1204
.casalemedia.com/	1970-01-20 16:54:37	Name: CMPRO Value: 1204
.adnxs.com/	1970-01-20 16:54:37	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In2u8FEE!]tbPl@/D!9hy6]/Cr.)fA2xP3NShPfRqndWsE`/w1@tioR7kEEYIglN<Q4<zMtBn@_ZWj_(W%nugO%v4VB%nrtL+p9r1
.omnitagjs.com/	1970-01-20 15:28:13	Name: ayl_visitor Value: c060606d503ed1b1251a76f4d774c89a
.doubleclick.net/	1970-01-21 00:06:37	Name: IDE Value: AHWqTUlWq4ney23thzYEgyqtp-Y4EYrUzq6aVtj1SMDtkD02btv8C2mYyr4gvm8RF48
.demdex.net/	1970-01-20 19:04:13	Name: demdex Value: 46599305542652567253068297481628662199
.media.net/	1970-01-20 23:30:37	Name: visitor-id Value: 3377029048397978000V10
.media.net/	1970-01-20 15:28:13	Name: data-c-ts Value: 1694701304
.media.net/	1970-01-20 15:28:13	Name: data-c Value: k-8VIuqaaXlrNHmXDEldYUXILTI-M8RLNGBRokeQ~~3
.pubmatic.com/	1970-01-20 15:28:13	Name: KRTBCOOKIE_97 Value: 3385-uid:k-Rf_NQKaXlrNHmXDEldYUXILTI-MeE9CkSczy0w&KRTB&23144-uid:k-Rf_NQKaXlrNHmXDEldYUXILTI-MeE9CkSczy0w&KRTB&23286-uid:k-Rf_NQKaXlrNHmXDEldYUXILTI-MeE9CkSczy0w&KRTB&23287-uid:k-Rf_NQKaXlrNHmXDEldYUXILTI-MeE9CkSczy0w
.pubmatic.com/	1970-01-20 15:28:13	Name: PugT Value: 1694701303
exchange.mediavine.com/	1970-01-20 15:05:10	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2207e54b70-530a-11ee-8b61-67ceec2e4406%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:05:10	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2207e54b70-530a-11ee-8b61-67ceec2e4406%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:05:10	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2207e54b70-530a-11ee-8b61-67ceec2e4406%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:05:10	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2207e54b70-530a-11ee-8b61-67ceec2e4406%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:05:10	Name: criteo Value: %7B%22id%22%3A%22k-_7N_TKaXlrNHmXDEldYUXILTI-PJhvzkPD0Rhg%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/	1970-01-20 19:04:13	Name: dpm Value: 46599305542652567253068297481628662199
.krxd.net/	1970-01-20 19:04:13	Name: _kuid_ Value: Py7GcnLF
.tremorhub.com/	1970-01-20 23:30:58	Name: tvid Value: 7b423641813f402dac65df11e4e321af
.tremorhub.com/	1970-01-20 15:28:13	Name: tv_UICR Value: k-06qx7KaXlrNHmXDEldYUXILTI-PuevLQgLWhTQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=995f144b-fb6c-4e32-e6b3-1f5f0096d652&url=https%3A%2F%2Ftheviolentendofamerica.com%2F%3F_ef_transaction_id%3D6f10f4ae15774c07a98bd526258a13ff%26email%3D&cache=1694701302597 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn2.decide.dev
click.harmoniandebate.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dev.visualwebsiteoptimizer.com
dis.criteo.com
distillery.wistia.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
embed-cloudfront.wistia.com
exchange.mediavine.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
p.typekit.net
pipedream.wistia.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
theviolentendofamerica.com
track.addevent.com
ups.analytics.yahoo.com
use.fontawesome.com
use.typekit.net
visitor.omnitagjs.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.harmoniandebatenwl.com
www.p1nptrk.com
www.portersnextwarning.com
x.bidswitch.net
x.clarity.ms
fast.wistia.net
rtb-csync.smartadserver.com
track.addevent.com
128.245.147.132
13.225.78.50
141.226.228.48
142.250.186.162
151.139.128.10
172.64.148.101
178.250.1.11
178.250.1.9
18.194.60.143
185.255.84.152
198.47.127.205
20.114.190.119
2001:4860:4802:34::36
23.218.208.23
23.32.185.35
23.35.237.75
2600:1f18:612b:4232:333c:fbab:e531:2e93
2600:9000:211a:6600:1e:c86:4140:93a1
2600:9000:2394:ec00:3:471f:5240:93a1
2606:4700:3031::ac43:af6d
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6810:cc2
2606:4700:e0::ac40:670b
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a02:2638:3::3
2a02:2638:3::e
2a02:2638:d::d
2a02:26f0:480:f::213:7ece
2a02:26f0:780::210:a469
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::644
2a06:98c1:3120::3
3.123.197.153
3.130.41.166
3.65.188.50
3.71.149.231
3.77.247.132
34.102.165.129
34.117.157.22
34.255.244.27
34.96.102.137
37.157.4.29
37.252.172.123
52.215.85.23
54.77.169.39
63.33.100.143
64.202.112.159
68.219.88.97
69.173.144.138
74.119.119.150
76.223.111.18
85.215.5.31
094746798d8ec50ce653201c01309a4d0a9366fec96d358769453a716c3cff4b
0a7c567b36a7bfb198d6f6fbb8b26c0c1fbc557cd4f0fd696835974edd036f0a
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0e2bbe173a81a58fe887105095c0b7eb027b78523d46c8dfea962f6407cc0f8a
1169b73641d873f00fac352b0709528742cb5cf64c9b569f82230ba4982b72f8
1303ad3dbd0a38613902bb5e3859b896203ff360b2a8947c198736cf01bd2e26
1b509a5fb33bb511052f63e26f68220e1e90df7a0164b28d617059159fdb3240
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f62ff6b5b82f36c50748f896f89ec03fe27d9466d4140792c0cce5f1a37c89e
2134dbd361a8f06b74e1af7fec0861dd70bc94059afe4437f1b76fed76d28503
224af160e5a2176dabf981a2e946544dd493b7d1b3bf16de9db9356230dbbeb0
24f7cd37795b4af931607af4069fd1e34441fe2999a4ded68c13f3e76197bb84
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3661adfa834d5090ceefe824ac21d0f533f846e15d8bebeb0fb4875cc62faca0
391be06e9bd8cf80c781254de748bbfae4b1290314d2c0a1cfba29fbf74614ae
39c7e8ccf2bd8f2c915ac24838e82f64e25f9e84891c474b75e6c72137715461
3d968bba503a74e6ca681b132731b1e8778fdb2b89c3fb18cccafc3472d40a0e
3dfc2643cc1ccf0320bf24fa0cfa470721a3f4aedfd49de64a5d13f22900108f
401d4928682a47ae3ab0fdcd92d2d0a52a68cb99d3003e09f9cab6e84f57ef69
41323159445fea29848621b3002cc1d65a657136808b1b1922d7a933d3a71c23
4236ee4207e1be90de5c2d64bcf193cf7a5d979816719fdd1d0b26a6d7489423
43e9a2fdfbd2b7b94c2bb186eb138e48fb87a96354d7dd77c1d9f9e431a6b570
479e242486eafa2dc1c88918131d0c5fa9faeeb94b79bb6a637acf4c10e1a75d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527b41cc413c2b5f0307af2e950d9d767eca38bcd963aae095c57363dccbf1c2
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
659eb28077f53acb0d0831d20e4179afe6bad0a4353be56ced0026004a34c278
66b2b99be59f28f608d5a62ef50aae82f229d6fb9b9d44cf928ca667fd191bfc
68b8f37832d40fad29129bde52f9241ad380aa1fec8e5f320d8f2e14cf14a921
6a7558ecf6a9fe656f5dd7f20c14ac7962b0dbd8f614a46619b44e187475ebd9
6ee3411377123099a79ce77538a2a824cba204d7c37d02464aee63aaf13b53ff
78f754f3ddfd17a6da0eac264f9c1edc86f81dda8bd145c98a74c25b062ba8de
7e2e9682aa6a8e9bc3e3321f1ba5d071dcead737cf78cf513b356cc030efbd11
7e5e8efadc0a91b136a0c423605584fffb389787c5825e019ec7b7a0004cb47b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856259c2193b33de46da370f5f2b93d54a791493265342832c6c4b3caba81dac
8a3343c417818542610c8c7ca20808de3f2cc1c71c960b1900ca186f11a15c32
8cfec62c364c089175e62d9bdfaddf70be2aa43253fb6a147f3968a3011c66bc
9217616f104d71b1a1d6dc548d6f34360acecaf65116d77dbda8c0690f213eb6
938a19aa964680c64c663d113e941222a537fbc54e315382fdc6569bf088ac21
939c52b61df42d9bf9ff58f4c8ad4c2e67f8b935b97cc74930245c3447837e45
96bdbfc5920f60b62c1887eb76735c3780b77303ae572773a958e0d3cc2c7d26
97909381904d8e94fb354f9ae96f03023816433483bace2727dafbc031122d6d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a52e1a46ec648fe866225ea332e269742e2202ef82fda621c65b6e92e5edbd17
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
a6cbc6f2dea20b288ddb809ed831e9c92add8f3b6d81abdbc51a6a5d04b9ea30
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
adc874a577e654ef40bb6a6b6e27d4d70d1b59e076542785981861babe2f9b1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b235dc8a24a740947ab517f6afa72b6ffc8fb69bf4c1bc348c6c403cc9783b79
b34b934f43c9e2960df63379e7a3d43413fe70d1bb014c3658c434daceb8a98b
b5d9a2255c5d56bee7e19b3c7a4b2abb623a70fb4b0641f1f8bc793b7bd09441
bae30c76ae7c077c422794b8e1d94a3b7286b8e03a159306fa8091f3faaad23e
baf9e85bda5edb9bd73004970f9be8d5e0dbb06296f2da2052431dcbb3150bae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c33c24e71c543a037db8cb8a91dda8abad821d2658af677370b623e82b549390
c6ef87514f885d15cb7f9258fa79968706196960860701027c84a8a06f5826ab
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cd532c10b97592f6e53c4b99c0637a5dbcb7ad8a533918ca1a460926f4d83692
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dfb3c7afa00edab87b58093de050afee47aaa74d9676d23e971d6349bb401191
e08fc72de4465513b95b140d6cfc47b9d8d7c59d91c02f4fa1be947047914168
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea28ceb53bf1f9884496efb889cbb3dd6ffbe1c6bddac44b84de94321d5d6b73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07b169e75c16fc35b57f94cd71bb5c9f2a0bf301d8c2bf23fe1960a3b8c855d
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

theviolentendofamerica.com Open in urlscan Pro 2606:4700:3031::ac43:af6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

89 %HTTPS

43 %IPv6

53 Domains

66 Subdomains

58 IPs

6 Countries

9586 kBTransfer

14864 kBSize

58 Cookies

2 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theviolentendofamerica.com Open in urlscan Pro
2606:4700:3031::ac43:af6d Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

89 %
HTTPS

43 %
IPv6

53
Domains

66
Subdomains

58
IPs

6
Countries

9586 kB
Transfer

14864 kB
Size

58
Cookies

126 HTTP transactions
1 data transactions