urlscan.io logo urlscan.io
SecurityTrails logo

resistthemainstream.org Open in urlscan Pro
2606:4700:20::ac43:442c  Public Scan

Go To Rescan Add Verdict Report
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Submission: On November 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 9 countries across 70 domains to perform 312 HTTP transactions. The main IP is 2606:4700:20::ac43:442c, located in United States and belongs to CLOUDFLARENET, US. The main domain is resistthemainstream.org.
TLS certificate: Issued by R3 on September 21st 2021. Valid for: 3 months.
This is the only time resistthemainstream.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 172.66.41.9 13335 (CLOUDFLAR...)
21 104.19.136.78 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 89.187.169.47 60068 (CDN77 ^_^)
4 104.154.142.214 15169 (GOOGLE)
1 2 67.202.105.32 32748 (STEADFAST)
2 13 2.18.234.21 16625 (AKAMAI-AS)
1 51.89.9.254 16276 (OVH)
4 4 198.47.127.18 62713 (AS-PUBMATIC)
7 8 142.250.185.98 15169 (GOOGLE)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
2 2 198.47.127.20 62713 (AS-PUBMATIC)
4 8 185.33.220.100 29990 (ASN-APPNEX)
2 9 35.244.159.8 15169 (GOOGLE)
3 3 3.126.56.137 16509 (AMAZON-02)
3 3 213.19.147.45 3356 (LEVEL3)
3 5 15.197.193.217 16509 (AMAZON-02)
1 1 64.74.236.31 19024 (INTERNAP-...)
1 178.162.133.149 60781 (LEASEWEB-...)
1 52.19.63.112 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 35.157.177.200 16509 (AMAZON-02)
2 2 38.27.122.158 174 (COGENT-174)
1 1 169.50.137.182 36351 (SOFTLAYER)
2 2 216.52.2.30 30282 (AS-INAPCD...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 208.100.17.176 32748 (STEADFAST)
1 2 52.46.133.124 16509 (AMAZON-02)
1 35.241.40.233 15169 (GOOGLE)
4 4 51.178.20.140 16276 (OVH)
1 72.251.241.206 29791 (VOXEL-DOT...)
2 2 151.101.130.49 54113 (FASTLY)
1 11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 2600:9000:21f... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
33 104.19.133.78 13335 (CLOUDFLAR...)
1 2a03:90c0:41:... 199524 (GCORE)
1 2a06:8640:506... 55081 (24SHELLS)
2 6 23.37.42.132 16625 (AKAMAI-AS)
1 104.19.216.61 13335 (CLOUDFLAR...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
5 5 3.120.169.248 16509 (AMAZON-02)
1 1 52.57.216.146 16509 (AMAZON-02)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.139.94 201081 (SMARTADSE...)
1 69.173.144.139 26667 (RUBICONPR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 35.212.212.222 15169 (GOOGLE)
1 204.62.13.72 46636 (NATCOWEB)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 52.16.241.140 16509 (AMAZON-02)
1 151.101.130.132 54113 (FASTLY)
6 54.88.209.254 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 69.173.144.165 26667 (RUBICONPR...)
13 52.6.82.211 14618 (AMAZON-AES)
1 52.73.58.55 14618 (AMAZON-AES)
17 2.16.186.146 20940 (AKAMAI-ASN1)
2 2.18.233.180 16625 (AKAMAI-AS)
3 185.86.137.17 201081 (SMARTADSE...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 185.86.137.32 201081 (SMARTADSE...)
1 198.47.127.19 3257 (GTT-BACKB...)
1 185.33.221.50 29990 (ASN-APPNEX)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2620:112:f000... 6336 (TURN-US-ASN)
2 2 52.49.238.187 16509 (AMAZON-02)
1 2 52.17.84.146 16509 (AMAZON-02)
1 1 18.210.180.232 14618 (AMAZON-AES)
1 18.235.247.154 14618 (AMAZON-AES)
1 2 18.213.10.151 14618 (AMAZON-AES)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 141.95.34.104 16276 (OVH)
1 2.18.232.130 16625 (AKAMAI-AS)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 37.157.2.234 198622 (ADFORM)
7 142.250.185.130 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
1 142.250.186.98 ()
312 74
26    2606:4700:20::ac43:442c (United States)

ASN13335 (CLOUDFLARENET, US)
resistthemainstream.org
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
21    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    2606:4700:20::681a:fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
talk.hyvor.com
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:21f3:9400:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
9    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
a.omappapi.com
4    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
2    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
13    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
4    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
8    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
8    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
playbuzzltd-d.openx.net
eu-u.openx.net
us-u.openx.net
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    64.74.236.31 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    52.19.63.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    35.157.177.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-177-200.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    208.100.17.176 (United States)

ASN32748 (STEADFAST, US)
PTR: ip176.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
2    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
4    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
11    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
15    2600:9000:21f3:c00:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
4    2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
33    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
1    2a06:8640:506:0:ec4:7aff:fec2:7e6e (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
6    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
5    3.120.169.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.57.216.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-216-146.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    52.16.241.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-241-140.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
6    54.88.209.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-209-254.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
13    52.6.82.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-82-211.compute-1.amazonaws.com
track1.aniview.com
atrack.avplayer.com
1    52.73.58.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-58-55.compute-1.amazonaws.com
premiumsrv.aniview.com
17    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
mcd.ex.co
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2a05:d018:d29:3602:c036:7711:2b3c:f287 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:112:f000:bbbb::11 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.17.84.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    18.210.180.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-180-232.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    18.235.247.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-247-154.compute-1.amazonaws.com
sync.aniview.com
2    18.213.10.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com
um2.eqads.com
9    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    141.95.34.104 (France)

ASN16276 (OVH, FR)
PTR: p33.id5-sync.com
id5-sync.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pubads.g.doubleclick.net
3    2a00:1450:400c:c06::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:6a::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr4---sn-4g5ednsl.googlevideo.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4013:c05::8a (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
s.youtube.com
1    142.250.186.98 (None, )

ASN- ()
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
55 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
video-native.mgid.com
cm.mgid.com
916 KB
31 doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
pubads.g.doubleclick.net
91 KB
26 resistthemainstream.org
resistthemainstream.org
521 KB
24 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
1 MB
18 infolinks.com
resources.infolinks.com
router.infolinks.com
148 KB
16 lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn1.lockerdomecdn.com
249 KB
15 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
206 KB
13 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
15 KB
12 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
89 KB
12 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
13 KB
11 youtube.com
www.youtube.com
s.youtube.com
696 KB
11 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
1 MB
10 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
24 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
115 KB
9 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
22 KB
9 openx.net
u.openx.net
playbuzzltd-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
5 smartadserver.com
ssbsync.smartadserver.com
www9.smartadserver.com
prg.smartadserver.com
2 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 google.com
www.google.com
adservice.google.com
15 KB
5 adsrvr.org
match.adsrvr.org
2 KB
4 2mdn.net
s0.2mdn.net
66 KB
4 dyntrk.com
gu.dyntrk.com
2 KB
4 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
4 lockerdome.com
lockerdome.com
86 KB
3 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
3 google-analytics.com
www.google-analytics.com
20 KB
2 googlevideo.com
rr4---sn-4g5ednsl.googlevideo.com
821 KB
2 adform.net
c1.adform.net
924 B
2 eqads.com
um2.eqads.com
563 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 360yield.com
ad.360yield.com
615 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
760 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 creativecdn.com
creativecdn.com
687 B
2 ytimg.com
i.ytimg.com
52 KB
2 ggpht.com
yt3.ggpht.com
4 KB
2 everesttech.net
sync-tm.everesttech.net
647 B
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 bnmla.com
match.bnmla.com
1 KB
2 advertising.com
pixel.advertising.com
676 B
2 1rx.io
sync.1rx.io
1 KB
2 tynt.com
de.tynt.com
710 B
2 hyvor.com
talk.hyvor.com
5 KB
1 googleadservices.com
www.googleadservices.com
1 quantserve.com
pixel.quantserve.com
499 B
1 mathtag.com
sync.mathtag.com
612 B
1 id5-sync.com
id5-sync.com
541 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
382 B
1 turn.com
ad.turn.com
425 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 admixer.net
inv-nets.admixer.net
463 B
1 zeotap.com
mwzeom.zeotap.com
460 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
319 B
1 lentainform.com
cm.lentainform.com
495 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
891 B
1 adgrx.com
cm.adgrx.com
408 B
1 brand-display.com
dmp.brand-display.com
253 B
1 33across.com
ssc-cms.33across.com
72 B
1 rfihub.com
p.rfihub.com
757 B
1 simpli.fi
um.simpli.fi
609 B
1 adkernel.com
dsp.adkernel.com
233 B
1 cpx.to
s.cpx.to
945 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
475 B
1 onetag-sys.com
onetag-sys.com
823 B
1 omappapi.com
a.omappapi.com
59 KB
1 googletagmanager.com
www.googletagmanager.com
61 KB
312 70
Domain Requested by
33 s-img.mgid.com jsc.mgid.com
26 resistthemainstream.org resistthemainstream.org
17 mcd.ex.co player.avplayer.com
16 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
15 cdn1.lockerdomecdn.com lockerdome.com
11 track1.aniview.com player.aniview.com
11 googleads.g.doubleclick.net 1 redirects www.youtube.com
10 pagead2.googlesyndication.com srcdoc
imasdk.googleapis.com
tpc.googlesyndication.com
9 imasdk.googleapis.com player.aniview.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
um2.eqads.com
9 www.youtube.com resistthemainstream.org
www.youtube.com
8 cm.mgid.com jsc.mgid.com
8 ib.adnxs.com 4 redirects player.aniview.com
acdn.adnxs.com
8 cm.g.doubleclick.net 7 redirects u.openx.net
7 pubads.g.doubleclick.net imasdk.googleapis.com
6 prd-collector-anon.ex.co player.ex.co
5 x.bidswitch.net 5 redirects
5 cdn.mgid.com resistthemainstream.org
jsc.mgid.com
5 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
u.openx.net
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 adservice.google.com imasdk.googleapis.com
4 s0.2mdn.net imasdk.googleapis.com
4 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
player.aniview.com
4 stats.g.doubleclick.net lockerdome.com
4 gu.dyntrk.com 4 redirects
4 image8.pubmatic.com 4 redirects
4 lockerdome.com cdn2.lockerdomecdn.com
4 jsc.mgid.com resistthemainstream.org
jsc.mgid.com
3 csi.gstatic.com imasdk.googleapis.com
3 www9.smartadserver.com player.aniview.com
3 ups.analytics.yahoo.com 3 redirects
3 u.openx.net 2 redirects player.aniview.com
3 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
3 www.google-analytics.com www.googletagmanager.com
cdn2.lockerdomecdn.com
www.google-analytics.com
2 s.youtube.com blank
2 atrack.avplayer.com
2 tpc.googlesyndication.com imasdk.googleapis.com
tpc.googlesyndication.com
2 rr4---sn-4g5ednsl.googlevideo.com 1 redirects
2 c1.adform.net 2 redirects
2 us-u.openx.net u.openx.net
2 eu-u.openx.net u.openx.net
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 bcp.crwdcntrl.net 1 redirects ssum.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 hbopenbid.pubmatic.com player.aniview.com
2 playbuzzltd-d.openx.net player.aniview.com
2 ads.pubmatic.com player.aniview.com
2 token.rubiconproject.com eus.rubiconproject.com
2 player.aniview.com player.ex.co
player.aniview.com
2 ad.360yield.com 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 sync.e-volution.ai 2 redirects
2 creativecdn.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 servicer.mgid.com jsc.mgid.com
2 c.mgid.com jsc.mgid.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 sync-tm.everesttech.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ap.lijit.com 2 redirects
2 match.bnmla.com 2 redirects
2 pixel.advertising.com 2 redirects
2 sync.1rx.io 2 redirects
2 image4.pubmatic.com 2 redirects
2 de.tynt.com 1 redirects router.infolinks.com
2 talk.hyvor.com resistthemainstream.org
2 resources.infolinks.com resistthemainstream.org
2 fonts.googleapis.com resistthemainstream.org
client
1 www.googleadservices.com
1 pixel.quantserve.com 1 redirects
1 sync.mathtag.com 1 redirects
1 acdn.adnxs.com player.aniview.com
1 id5-sync.com player.aniview.com
1 sync.aniview.com ssum.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 secure.adnxs.com ssum.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 prg.smartadserver.com player.aniview.com
1 ssum.casalemedia.com player.aniview.com
1 premiumsrv.aniview.com player.aniview.com
1 player.avplayer.com player.ex.co
1 player.ex.co cdn.mgid.com
1 cm.idealmedia.io
1 inv-nets.admixer.net
1 mwzeom.zeotap.com
1 pixel.rubiconproject.com
1 ssbsync.smartadserver.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 cm.lentainform.com
1 s.adtelligent.com cm.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 ssc-cms.33across.com router.infolinks.com
1 p.rfihub.com 1 redirects
1 um.simpli.fi 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 b1sync.zemanta.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 onetag-sys.com router.infolinks.com
1 a.omappapi.com resistthemainstream.org
1 cdn2.lockerdomecdn.com resistthemainstream.org
1 www.googletagmanager.com resistthemainstream.org
0 sync.adtelligent.com Failed s.adtelligent.com
312 113
Subject Issuer Validity Valid
*.resistthemainstream.org
R3		 2021-09-21 -
2021-12-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.lockerdomecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
a.omappapi.com
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
outstreamedia.com
R3		 2021-10-12 -
2022-01-10		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 37 frames:

Primary Page: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Frame ID: A9121FAB6BAD5469FCB28976BA61AE44
Requests: 153 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Frame ID: 48AA87AA33F849406A304427C86B886D
Requests: 18 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Frame ID: 67231868B571BA8FC51E63137A6C1F3B
Requests: 17 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Frame ID: 8EC15D268231DD61A0AE5EA3AC9D32F8
Requests: 10 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 5F7BE7FDA42CA4D3C6F61653D036BBDD
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Frame ID: 7B614B9DB3307A8FB16644998027EAC0
Requests: 6 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Frame ID: 9A7A0BF516855136F3776F252D9043DF
Requests: 18 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Frame ID: 0901AB136D1EA6301FB161C1DB2EEDCE
Requests: 4 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: E8592266FA049C5B537048F5BBB1C3D7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 65812E514E09A13634845A9C4664ADD5
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: DFAB0DD95CA8045F7FAC675769ECA38E
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1636487086572143377513
Frame ID: 9491AAFA2C71AD1D7534DE1C0B043D65
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: E12D4FAC6643671203690914826DCBBC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: EC74E42CC033F98F8201766AD42937E2
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 018C9EB747ED18F28195BC243F535199
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D1%26key%3D
Frame ID: E3605DD2D88661D8FC0BD6D7FD7B8ED0
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Frame ID: 5786179FE20F92DA31552DE25F2092AD
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 114AB532912773F57202C395E7EAA422
Requests: 3 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: FAA9D1A3D420DA36D9CDF79D9C5B33CA
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0086435C694E9EF3B48B23D454812A38
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B5CE93C60D361A67FAC1914C53B22C6F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D64BD53CD91EFD2FADBF3350A56FC767
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5E5D786524E9744B36C94C5A678C3267
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: A86D21B51E5FD46A8DCCEE195B18D946
Requests: 25 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 210E69C25227231C77D4DB2C213DCAC7
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 2E9266B59F48B9733B14CF833AC24A19
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: D9963D2C87F1EC77A3B9F248A6563AD4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 512F00D07A25FD8501C2E496B536710B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A5CD2AA34D6451D37671BD84CC126DFD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 87187B5AEE471319E76287B0DFA83D93
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4E16E8221DFF1344D45D58448835EA6C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: F15D0F5C17BB21840E1EB3F57173A695
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DE415516492C057DC179343674052F32
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E5EEE4429EF73CEA0926FFD6AD89FF22
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 4EB05D766932497D7BBD43B96575B715
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44737473%2C44752052&el=adunit&cpn=xLGaWm1lxOPpKkVd&docid=q-8UJhCaKHk&ver=2&cmt=0.191&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fresistthemainstream.org%2F&len=14.002&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=95.0.4638.54&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=12&rtn=10
Frame ID: 2D53BCFB55F61A7DC1EC0592EF8A943F
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.234&rtn=14.002&ns=yt&fexp=44737473%2C44752052&el=adunit&cpn=xLGaWm1lxOPpKkVd&docid=q-8UJhCaKHk&ver=2&cmt=10.234&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fresistthemainstream.org%2F&len=14.002&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=95.0.4638.54&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 92ABE808FA71E890557FF774370E7DD2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Neighbors Build Home for Veteran: ‘He’s Always Got a Place Here’

Page Statistics

312
Requests

88 %
HTTPS

32 %
IPv6

70
Domains

113
Subdomains

74
IPs

9
Countries

6848 kB
Transfer

16283 kB
Size

105
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 57
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 59
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc3MDQwNjEtQkU3OS00NEVFLTlFQ0UtNjU5QTZFRDVCQzVE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc3MDQwNjEtQkU3OS00NEVFLTlFQ0UtNjU5QTZFRDVCQzVE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D97704061-BE79-44EE-9ECE-659A6ED5BC5D HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=97704061-BE79-44EE-9ECE-659A6ED5BC5D
Request Chain 60
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=8715120259450762151
Request Chain 61
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=22aa7311-1fdd-4082-860a-479e2e67c6ba
Request Chain 62
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-sqa6tdtE2uFduENxn935Tvsrpl3hxqOlDE2pu9o-~A
Request Chain 63
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7497179824 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7497179824 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/829dc61b-75e2-4641-ab0e-9d90e553c4f5 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003
Request Chain 64
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 66
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fresistthemainstream.org%252Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%252F%253Futm_source%253Dtelegram&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fresistthemainstream.org%25252Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%25252F%25253Futm_source%25253Dtelegram%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=7486723602587192148
Request Chain 68
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7d9cc005-4195-11ec-a70d-023bda41e5d8 HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-0TT_8GhE2uHRXGudf4nMVnX8CelY0UDS~A~UP7d9cc005-4195-11ec-a70d-023bda41e5d8
Request Chain 69
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=A5CEF7FA56F544E98FB642E74E0F0EF9 HTTP 302
  • https://router.infolinks.com/dyn/enbd-usync?uid=c026e4a1-7779-4c70-9c15-ee773d2b9f40
Request Chain 70
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=ceb5c834dfe1b9a51eaeaa46
Request Chain 71
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D97704061-BE79-44EE-9ECE-659A6ED5BC5D HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=97704061-BE79-44EE-9ECE-659A6ED5BC5D
Request Chain 73
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=5132203619574837052
Request Chain 75
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&dcc=t
Request Chain 77
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5tRY4FqO9iHkMqvoNSUZI&google_cver=1
Request Chain 78
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYrPrcS6NWwB4.GGZ9syEwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGn-rb_K1ovgXgLOmNNLI1E&google_cver=1&gdpr=1&google_hm=2
Request Chain 80
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 82
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YYrPrQADUMF0rQBR HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYrPrQADUMF0rQBR&gdpr=1&_test=YYrPrQADUMF0rQBR
Request Chain 157
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 159
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=2DrW8XdawHHLj064BBlh&pi=mgid&tc=1
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_ad26592d-3ee5-4f30-a15d-3c2492e35fc7&bsw_param=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&expires=10 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 161
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=la9K1hCMoiIb HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=7452029736419221580&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGE5SzFoQ01vaUli&muidn=la9K1hCMoiIb HTTP 302
  • https://cm.mgid.com/google?muidn=la9K1hCMoiIb&google_ula={guid},5&google_gid=CAESEIYRhGpVkkOCIpgalRam-QU&google_cver=1
Request Chain 164
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=829dc61b-75e2-4641-ab0e-9d90e553c4f5&ttl=1639079087
Request Chain 165
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=e1545b45-085f-47f0-9da0-a15a806634d4
Request Chain 166
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=la9K1hCMoiIb HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=la9K1hCMoiIb HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&consent=&gdpr_pd=
Request Chain 168
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=cb75f8b7-970d-4964-bd4a-bb74b725adcd
Request Chain 224
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 245
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8369973947737466976
Request Chain 246
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB-Jk7DFZ8AACgHAOtsSg&expiration=1637696688&gdpr=1
Request Chain 247
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYrPrcS6NWwB4.GGZ9syEwAA%261148?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYrPrcS6NWwB4.GGZ9syEwAA%261148?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 248
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ca96e80e-2594-4a58-93ca-ae42ab4255a5&expiration=1668023088
Request Chain 249
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 252
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 279
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7e5618a-cfb1-4a00-b776-f51e79e3ba93
Request Chain 280
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UrwzQQfraRFJvW5EB7smFVW6OBRJ6TtBVexZwBnH
Request Chain 281
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9215867005113022602
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIvgbdn9AlyihNIZdi1mgQs&google_cver=1
Request Chain 301
  • https://rr4---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1636515889&ei=sc-KYcDfNpGmgAfonKqACw&ip=168.119.25.194&id=abef1426109a2879&itag=22&source=youtube&requiressl=yes&mh=TO&mm=31&mn=sn-4g5ednsl&ms=au&mv=m&mvi=4&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=14.071&lmt=1634957467751251&mt=1636486604&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOX9vWrJjDdMZcGNqTHkHMoMtpnbKapkgj2cCi48606qAiEApyqEI4A0JrAcQj-BoggXHBoFoZZx63XWvCRGuvHWxxw=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAVGvxKw0_r58wthXKgHkqH_R4sRb7Sk6IdQfskPbIKUCIEoNrRDDlXJrKxyu3ftNveJw3UVw3gRTHMtZIu53KyJ0&cpn=xLGaWm1lxOPpKkVd HTTP 302
  • https://rr4---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1636515889&ei=sc-KYcDfNpGmgAfonKqACw&ip=168.119.25.194&id=abef1426109a2879&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=14.071&lmt=1634957467751251&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOX9vWrJjDdMZcGNqTHkHMoMtpnbKapkgj2cCi48606qAiEApyqEI4A0JrAcQj-BoggXHBoFoZZx63XWvCRGuvHWxxw=&cpn=xLGaWm1lxOPpKkVd&redirect_counter=1&rm=sn-4g5e6z7z&req_id=adb69dbf93d336e2&cms_redirect=yes&ipbypass=yes&mh=TO&mip=2a01:4f8:a1:1a1:85::1&mm=31&mn=sn-4g5ednsl&ms=au&mt=1636486650&mv=u&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgFO0wOHdDHVYMuLilyrRF1Twow0RTFhASwuI6HZLvx8YCIQDRwPJDKXUsW7EiPicZX9UloWpFJZ-BHIU9rLfIebbpCg%3D%3D
Request Chain 331
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CjwmQsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9C7DcTE1IW7JDKUcX5_001-ygA1YbsIFJbpxtSNQVE70WSLjBP0q62RMvQDP6wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOxCRzwYoNSLebIgAoDmAsByAsB0AsOuAwB2BMN0BUB4hYCCAGAFwE&num=1&sig=AOD64_3XjWDyxp7QLV-kSo1yJbCmIYlAcg&client=ca-pub-9848746867798493&adurl=https://www.fashionette.de%3Futm_targeting%3Dcustom_intent_brand%26utm_id%3D14859714714%26campaign%3DE_Display/DE_YouTube/DE_DE_YouTube_YTforAction&ctype=110&label=video_10s_engaged_view&ad_mt=10234&acvw=sv%3D905%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26p0%3D5674,321,6057,1000%26p1%3D5661,321,6044,1000%26p2%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10286%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1572%26pst%3D493%26dur%3D14001%26vmtime%3D10233%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26cs%3D4626%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D46%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487100185%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636487089646 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C0OXCsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9C7DcTE1IW7JDKUcX5_001-ygA1YbsIFJbpxtSNQVE70WSLjBP0q62RMvQDP6wAT3vPGw6gPgBAHABW6gBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOaCRpodHRwczovL3d3dy5mYXNoaW9uZXR0ZS5kZbEJHPBig1It5siACgOYCwHICwHQCw64DAHYEw3QFQHiFgIIAYAXAQ&num=1&client=ca-pub-9848746867798493&ctype=110&label=video_10s_engaged_view&ad_mt=10234&acvw=sv%3D905%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26p0%3D5674,321,6057,1000%26p1%3D5661,321,6044,1000%26p2%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10286%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1572%26pst%3D493%26dur%3D14001%26vmtime%3D10233%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26cs%3D4626%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D46%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487100185%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636487089646&cid=CAQSKQCNIrLMtFjFAZxCPgmLCIcTDxaWjn6RWkCh81Z6vDV61q8s3wiiovh_&dblrd=1&val=ChAyMjhkOWI0YTQ5Y2IwMDIzEK2fq4wGGgi6sPz7cknt0yABKAE&sig=AOD64_1EQCF_42kb2cl1LWjqLNODLak3Ng&adurl=https://www.fashionette.de%3Futm_targeting%3Dcustom_intent_brand%26utm_id%3D14859714714%26campaign%3DE_Display/DE_YouTube/DE_DE_YouTube_YTforAction

312 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/ 		112 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e25e13e7a70ae3b5005091cb502dfb82094b7c10c6f9d60933be8d57e6bd77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=600
expires
Tue, 09 Nov 2021 19:54:44 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1LC2e7%2Bv50NCtiWXqWAG8hd42FLRbLfhpoJ6u8kC8bUarUxVOE52q0CUJYuW91SumakIb8ui5ackRse4mXNd1ypIKylMWVtkrpZnnHV4WJLi4NJNwoC9vibk%2F48oudD8rmjh%2FE5SpWoig3lFfTPLsfcrdH5"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ab98992f9495c74-FRA
content-encoding
br
js
www.googletagmanager.com/gtag/ 		163 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4e652657db6751606fa5ca57e4e8e05e7ef418c78ac7bc7b36cfc61dd0ef8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61758
x-xss-protection
0
expires
Tue, 09 Nov 2021 19:44:44 GMT
collect
www.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MHSJPPB6JE&gtm=2oeb80&_p=845553925&sr=1600x1200&ul=en-us&cid=1403804126.1636487084&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&dt=Neighbors%20Build%20Home%20for%20Veteran%3A%20%E2%80%98He%E2%80%99s%20Always%20Got%20a%20Place%20Here%E2%80%99&sid=1636487084&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iiry.css
resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/ 		810 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/iiry.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de381ba3aba2766bb339e998e98334f114ad3d3e29caa35a43eedb1020f2e201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Nov 2021 20:34:32 GMT
server
cloudflare
age
1133
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8v8I4UCw5NKXpLD%2FFMAIiJfYQHbz8col9dSaPv1mjcCKy1wr1YzU1VrZp3Pog13z%2FGjy8ZVqXZy3YN6XbmGjJUXt5N2NCwuezWALVbHmFxUnOVDjd1xO%2FTa9EZzEm0jLr5P%2FNxvMzp9iYZtC%2FcsxsKlV15w"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab98997ad2b5c74-FRA
expires
Thu, 09 Dec 2021 19:25:51 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c2b4cf527036603abbb279a96cc0b6f55ddb03768f8b91adfc5d0fb0839866f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 19:42:45 GMT
server
ESF
date
Tue, 09 Nov 2021 19:44:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Nov 2021 19:44:44 GMT
iiry.css
resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/ 		609 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/iiry.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38153cf8c4070d228b3be3409fcb214b7fbe44dc51bbd1f2cc2a0d180d068252

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Nov 2021 20:34:32 GMT
server
cloudflare
age
1133
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbP001P5gF7%2FG1HEWqIYs1aZY7SwnAT2Z%2B%2Fv%2FnXaRlZXV7zAonLm8l7XBONt7%2FnlWyYRukx5vXczxHlSgyRerJIMl7DghHTAfDFHauLVS3iCXXikfuLMSFcCja%2F6tKEKZHmHMVUtV%2BOZiuUd2WQ8ty4%2BGtkp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab98997bd2f5c74-FRA
expires
Thu, 09 Dec 2021 19:25:51 GMT
iirx.js
resistthemainstream.org/wp-content/cache/wpfc-minified/1dzug0cu/ 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/1dzug0cu/iirx.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11acfb89e757aa221d8831f30834c811683ac36c7cb73d9ea6b223cd348fe37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Nov 2021 20:34:31 GMT
server
cloudflare
age
1133
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfABVwZhTp9Xhfu%2B13Ns7Hdd9PXefTq8qHhth3TpT9xrXW5B5P46ce8aeavzAbFc918MMM51dXAumum2MBeaFJnTaAj6%2BKQdV8VMWK6q8crLrqPbm1L%2FuPsQbYNt06wrmMmWb5e2kI7AihsCltP1Z0pVWZ2Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab98997bd305c74-FRA
expires
Thu, 09 Dec 2021 19:25:51 GMT
signal-2021-09-28-044331_001.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/signal-2021-09-28-044331_001.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 02:48:47 GMT
server
cloudflare
age
1056
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxks5GrSk6uUT7Xe%2Fs%2FHbDoSniDEOA5U4OqjEEIF4KC9UY3D55ceJIE9ijKxbs0Y0Y2YvyIknoJRjhUmc9jZCkRS4J9TDJLgdka3F5ybl05touihD275kCpp2ucicAq8Q4EDg%2Fq87mfgACbC143DZFIMgnve"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ab989985f4d5c74-FRA
content-length
2863
expires
Thu, 09 Dec 2021 19:27:08 GMT
wp-emoji-release.min.js
resistthemainstream.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoJmSJeuCOEq5%2F%2BNFO%2FemRMaItVLp5aUG%2BsI57RtreoUIDxp3YcgLwvXwxNioEVO9Q8Gixln8gO%2FsWCj4PW9VlZjBUFsGp5OUl81Ta7qV9R37zAhyTra%2Bl3frwfw6XmL6jP3rphuWDEPu7CCAcrFoVd1g%2BCa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f525c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
logo-mobile.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/logo-mobile.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 03:17:30 GMT
server
cloudflare
age
1056
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8opI3Mhgp%2BreIZiTBGm9VsbuSIVFHNwu7Q2ZI6i%2FvBwX1tBYNv9Jk4FLh7tIbE9HJ9hOV0GHm8YxU1yBB99ijOblblN12Jied68N%2Bbz8S39FFVM8eoOmrqPHCuD2gzmzWBTiAolIQBs%2Bp87cohL9W3xjdqY3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ab989985f545c74-FRA
content-length
1699
expires
Thu, 09 Dec 2021 19:27:08 GMT
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41228f75e7af5561506570c87ca458db9e259d640c286e2cb5619092d18e395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6ab989983dba69a3-FRA
date
Tue, 09 Nov 2021 19:44:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 09 Nov 2021 09:55:29 GMT
server
cloudflare
age
6544
etag
W/"d67-5d0581c03caed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Tue, 09 Nov 2021 18:55:40 GMT
email-decode.min.js
resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Nov 2021 13:28:28 GMT
server
cloudflare
etag
W/"6185317c-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr7FMbkAgDTLhKCV68O3ah2UDm4UJUOyXjurxOhbGyjm4gnpACZwUmjYRdUKsMHlIBGcPin3N81IAKM2fsfZeJQT%2BG8qnzpaXt66I86kROLk3Jr8nbYhfdFyNvemnf%2FRDQKpbg%2FsLTIQX9z1se9Wub7MFdQU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989981e375c74-FRA
vary
Accept-Encoding
expires
Thu, 11 Nov 2021 19:44:44 GMT
resistthemainstream.org.1149360.js
jsc.mgid.com/r/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e70e0d2c49913cfed151d2a714b5c39ed5683ede70ac5cd8ec4c74847153dde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
age
4121
last-modified
Mon, 01 Nov 2021 14:30:57 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
2SJA93RX9QTPXCY6
x-amz-id-2
+RO92ETzriaK3FbibFxUddN+lrk+y9DVfnfEsz96vsTyPAA4/U2tkULnS+rVopYb7bhySD89rvk=
cf-bgj
minify
server
cloudflare
etag
W/"5e52a405b1decc3ff7f769afe64ef1c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ab989988fdb4a6e-FRA
expires
Tue, 09 Nov 2021 22:44:44 GMT
embed.js
talk.hyvor.com/web-api/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/embed.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d0c8337f4b966f1bd06def9e350e6bace09705309c705f1607e6c07f47a444

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BuvCIdmk7NSeKLSqiZSwOnz2BgmcZ98FYlIod2uBN4Y5y3Cc3nqVgJuZ2aGjxf3%2BZZZSnWdhyfjG51RDib52tq%2FKkhuxXxYaFbJ82U35MhdsGXEtnZRR7cH12PCb%2FMFTl%2BHJ4bv1h3B4z8T"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=0, public, s-maxage=1382400
cf-ray
6ab989989dba1f31-FRA
resistthemainstream.org.1156929.js
jsc.mgid.com/r/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647b87d58e9133ffbe643b3e8c22d5f172c903e2f97d487a386a8a559269eec0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
age
6239
last-modified
Tue, 09 Nov 2021 15:57:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
0G6GVDN8N15XC8Q6
x-amz-id-2
ja5csrg/xWrx3DuKQBgI9sevOQhEfYfpc59ZiYtlK7H6QSjtjvCxmzdNBO3xxHAiFutG8JE2w+c=
cf-bgj
minify
server
cloudflare
etag
W/"83de55094f116ee3f7c06058301d50dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ab989988fdd4a6e-FRA
expires
Tue, 09 Nov 2021 22:44:44 GMT
/
talk.hyvor.com/web-api/count/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/count/
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"54ae38239fdac3aebd77d7563e732af2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdWf3yjm9DmbbJHJnGbLZnN1Aap2nCNEwIv9%2BDhwlE5mSVG8b87QFNY3cD4%2FqGbtJCk0DCl7OFczCzoUOQDKlWGFgcNEvaOV%2Fj0fL0QGsOA8OE3YvgOEa2oPw4bwkQTbKBr1A3EOzH7aZ7qe"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000, public
cf-ray
6ab989989dbc1f31-FRA
front.js
resistthemainstream.org/wp-content/plugins/embedpress/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/embedpress/assets/js/front.js?ver=3.2.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:50:59 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSSttfteljOUlGyzvxirFalCoK4Rqus%2BknEWNucMqJt00MJ%2Bf%2F4Twu3DLSlfr8hN%2BORA2uvj%2BDyHZBlnZUCdZBaMdyk4ugB3s3%2Fr0qVAe%2Bfq8w0U1zmBSDxFy%2FRUFK8ahV7rTwVRU3sZ3ql2ZfzFUAXlGZBD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f335c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
frontend.js
resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/frontend.js?ver=10.0.0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:52:41 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln40P7dbiNdLZz6v%2FoT1IuE9dbum9cegBeAG32PtWE4KvS1Plwl%2BwajI6cQ20SlKzj4RYr98W55CHUnThYgRTLwuuWJbhto2uhf21xoBZZ%2Bb2ERU3uc4AM3F7Gs35DOjPCMbDjEtOQMP6wcQbXUrnDneJQUw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f3b5c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
comment-reply.min.js
resistthemainstream.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Apr 2021 00:35:29 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQMLfdUb9iB%2BI5lUqxVPgt836zdQlLH8QTWFLrZimkKqR78dUdiLRWmhf6PsCc9yAfvQRe779NmURdosEB9HLYDp%2BVZivVSRfVgbKReKwtzI6gJe904hkXVBnzCVvZTlvVOdVNSnmbIzU71wWh4ASaLhiMF%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f3d5c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
hoverIntent.min.js
resistthemainstream.org/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/hoverIntent.min.js?ver=1.10.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuX4YowqB8xBEZUwqvsM%2BObyaZADV7Dw5c9mhvnC0ePUmQNwYnR6qJl0OaqQ4yBg%2FRwCPjg0%2FbXPztYpA09VvqG0P%2BO3VdR6n3pOVFi0eDq%2FuZMeHP3FLxEluk2XeAjdJOXZlqaUXEditnlPDlu9KLVBv8so"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f3e5c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
imagesloaded.min.js
resistthemainstream.org/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Feb 2021 00:14:28 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnaMNhLQRZYb9nih87zzmS6CfEhBLrmlVJoU2eCTxlmJJWg%2F4tGl4hW2tzgsi5ZNc34O9OSlnVAq0e2nvn4x2te3u4%2Fj0kCM33g0cs5nOEiSHwrJVItTbbQPC3qJtlY%2FrsXzG2tLZZq1l0Y2XKMkkofDNiRE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f415c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
frontend.min.js
resistthemainstream.org/wp-content/themes/jnews/assets/dist/ 		292 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.0.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30389cf8a9540caad65157f94347a01b77a96327398ff615be1a6cc346473553

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVwNmBNC4S9yBtcaNAfwmb2SO%2BRG84BaSrvLKsgfKKh59DJkOO44MYtpOhTPfouSiPhSjoSCCMA0uXT8NmJzTW%2BkSgGRB7180HPFxZeJpBkqBw7hZwjgX80vhZp9kcw2MSvxyi6NvKeBptHfgoCizpOZxDVx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f435c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
frontend.min.js
resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:51:06 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7tbSRrLMldmFA6dceK2vL1hdKiRRZG8%2B%2FVcRrYt%2BbAaptVuLJa%2Bg8muGh5yo2i%2FEBedvvwJAf%2F5oncs%2BMLKKkkF6blScLwpyDzAVncOKm5ffADgYYvomCoIezGbJU675gmDsgqdfDfGWoVtJuM6vtz9MMP1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f475c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
plugin.js
resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Oct 2021 07:28:08 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nu2LGjUsIsBz9n%2BsYgeU4THgXDFCT%2FTt57asTjotW6sTvCci91LBv1RZYNakUcWnyRb4s1h%2Bsz2PcDPG5%2BWhSFmM6TAgflC5ZcP86YnJKhzZmVRKZCv2R3Fr%2FMhoIOulv5eZek6emG3cMKgr0RIO1Iebj79w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f495c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
ads.js
resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.31
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:50:40 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts%2BEmgPN97mNqAcy32UJEQHXnsdboyncE6a9yRQSKVJBuUVD1%2BUDWYd58FSXGEurtcW8WpWFA6ibmM%2FTR7AM814TIe09nNQirlb35AZJ9UJRp%2BImMVM88M61oO3cJ%2B0skdi7dhzSbblqwmmI21XR9%2BmmLwdr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989985f4a5c74-FRA
expires
Thu, 09 Dec 2021 19:25:52 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 12:11:32 GMT
x-content-type-options
nosniff
age
459192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 12:11:32 GMT
fontawesome-webfont.woff2
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/iiry.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/iiry.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFOeFTIHh3motKaMILMpYPAq4GaSZ%2F7FmKorgpM422ltosruUK3VmW89KNkbrD8X6z0nY9D8kHw69%2BKpfB6NSlqrR0tl24gBKzim%2Blbam4TpcNP9Dw1sw7oAbMngQ0HH929hGh7Zg9fHlH%2F6vZ0pSkxp5NOx"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989988fbc5c74-FRA
expires
Thu, 11 Nov 2021 19:25:52 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 10:51:57 GMT
x-content-type-options
nosniff
age
204767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 07 Nov 2022 10:51:57 GMT
ice.js
resources.infolinks.com/js/1762.009-2.035.ab.1764.004-3.025/ 		462 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1762.009-2.035.ab.1764.004-3.025/ice.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a26bf140c5e2c534f84e4f7d429f088195248def4d85eaebc82dd160c8e01a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6ab9899908aa69a3-FRA
date
Tue, 09 Nov 2021 19:44:44 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 05 Nov 2021 12:38:51 GMT
server
cloudflare
age
2395
etag
W/"73765-5d009ece2f7fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Thu, 09 Dec 2021 19:04:49 GMT
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9400:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:12:20 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 20:54:21 GMT
age
19945
etag
W/"14f4-17d01549b0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
rpzJ2sUBMeP8xExELH6nY-qUCQ_l1GrhNBwoObqN5HLywILPA-5jRg==
preloader.gif
resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/iiry.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/iiry.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:44 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
age
1132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2wOJoOT05F0DfIxKb5uKSYQHWJiAS9Pnr2HLrz2N1MhnJF7ZwSwKCi2%2B0vmR5urDW%2FWxF0fW0FT3AFcz7EttARuWYTUNOwTcV1399ddD%2BDoXalPP1WvKhTxtbksuGbfk7rbFW%2BsKfw1v%2Flzmp1Epq7m0phz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ab98999295d5c74-FRA
content-length
4399
expires
Thu, 09 Dec 2021 19:25:52 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options
nosniff
age
81167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:11:57 GMT
2021-04-03_21.54.16-80x80.jpg
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/2021-04-03_21.54.16-80x80.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1057
cf-bgj
h2pri
content-length
2072
last-modified
Thu, 23 Sep 2021 02:54:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WAlos6slZEMLlETifQHRgZQfm%2FdGG85HXcGfc%2BhjbFL1tLQtQhLZMbyKjzKZMFKmBFUt6RJPgeIuFfUie5i8%2BeLEgt0dmoAce46OXZOSxvMt0NzbguddoTmmWtuSZJ2VI6j4K24DNs1NnQ1utNFCMEppOlR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6ab9899939a15c74-FRA
expires
Thu, 09 Dec 2021 19:27:08 GMT
jeg-empty.png
resistthemainstream.org/wp-content/themes/jnews/assets/img/ 		70 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
age
1133
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BV0E37SZ%2Bld%2BmHkCCL3%2FEi0I1TmXnFW5M%2FE7xge04oKQ0%2FC0ZPPRL2bI7gaEWvXpq9Bj9BeY13dzSMg8tt8zmXvEDIKoFVShYgi%2BosjSsv3B6O3gRYTVcmVPfCu1gNitUty1cBHQ1d%2BTaAjWGu7MttaNbMZR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ab9899939a45c74-FRA
content-length
70
expires
Thu, 09 Dec 2021 19:25:52 GMT
resistthemainstream.org.1149360.es6.js
jsc.mgid.com/r/e/ 		238 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a8b8dab442da8e42788f7d1e5b798740e63906533ae6e6272db263f548901f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
content-encoding
br
cf-cache-status
HIT
age
5570
last-modified
Wed, 03 Nov 2021 20:01:59 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
N88TJ5CSRSRMGBND
x-amz-id-2
1MWiTGILQfh8OpFk0SoaGw7c97d6srSsnLW4O3zEvnTDqj6SN10u7lEojNLMqS9YekfUjv+024A=
cf-bgj
minify
server
cloudflare
etag
W/"150087bac3f63b99a89c261083b67824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ab9899969bf4a6e-FRA
expires
Tue, 09 Nov 2021 22:44:45 GMT
jegicon.woff
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/iiry.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/g0ax829h/iiry.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
age
1133
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehajJaAvpXs1tlk4zTulB3us03DpsQ76N2b5gBX5LTy%2BL9TTDdLOZH5mtheXl5U6zA9EO4gBHJJKouePXpkpkKf4IxefkOdoOroQzZzgOuPbLHVoUJD%2FAujRCFYd2U2SOTolScodBwkv2vHTCSWTnGTgIAdX"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ab989996a315c74-FRA
expires
Thu, 11 Nov 2021 19:25:52 GMT
vGZKdQ8a_YA
www.youtube.com/embed/ Frame 48AA 		60 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ab06d7e8d1dd529af76a35c34a50d95c176ac39254bc527a99d992a91e8581d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Nov 2021 19:44:45 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
resistthemainstream.org.1156929.es6.js
jsc.mgid.com/r/e/ 		239 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ffce189be6667dd198e8dcd72882b51623c6bcb6dbd22c893e6ff79556268e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
content-encoding
br
cf-cache-status
HIT
age
6239
last-modified
Tue, 09 Nov 2021 15:57:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
CHKCNDFZYH8NWDFM
x-amz-id-2
q4nCSVWdF5zyAYfa49SXluCbhTdyrZufq86LR2OsRkxT7IYhAYXtUhBwTNZi6udIAn5Uz+Vskro=
cf-bgj
minify
server
cloudflare
etag
W/"361e6eb13ccd199b4880125775b380f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ab98999ceeb5c14-FRA
expires
Tue, 09 Nov 2021 22:44:45 GMT
api.min.js
a.omappapi.com/app/js/ 		208 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
71ebaa7b30e6256d69d1da136962215a233d0535e2dc67ce3315e59852e5f576

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
11/03/2021 22:08:18
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id
SF6KJ7NQ0FMB3JCE
x-amz-id-2
T2kZ1IAD0fDKz9eq5mwYMVSdzKS2OuNDcZEpNCUzIvih50ZiWPT67iJsWPfN3HfAy/6shpzeHUg=
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 21:08:11 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=31919000
cdn-requestid
a18a0d74457457e647e8bb27122e8713
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
/
resistthemainstream.org/ 		119 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/?ajax-request=jnews
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac73a7f9daed796ceb0e793a9a91ca66cb6ed6fb1a6278bc18731a0a47c3c248

Request headers

Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=af6jkEQrqL%2Fj5C1WgbCQ9y7%2FK9%2Bpc4LjUu6VNrJ%2B%2Fxw%2Fq43whVMFqHNXzUnTg7gEAR8ZWgm3Nk64oITY%2F9I7%2BCtcJ2tq7l4YWAuceAR9nRSoZIS3%2FMrjGpUlBhuGUC0JtTQ47UjO6EgOOlZH9Yd9WZwjYmYH"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
6ab9899a4c955c74-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
FotoJet-2021-11-09T153843.856-750x394.jpg
resistthemainstream.org/wp-content/uploads/2021/11/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/11/FotoJet-2021-11-09T153843.856-750x394.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3172175aefb31f188e745a52fa0691ca5f3cebc70c9752500fbdf3f3289a0268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
856
cf-bgj
h2pri
content-length
33886
last-modified
Tue, 09 Nov 2021 14:39:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sfiQYdMTqGauOndjQG7mPafOtuhzeyzH%2F9OCvP1xdploMwbZ7jXlfMbihgA%2F31BlwFHWfEUtg8MnhHWjVNuKE9q28qlpXyusIffbST2k%2BxaS6EX4UxPOQ9V3PWG9qxh7vvBM6DXnE6w9D6OTW1TshCxBCau"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6ab9899a6cda5c74-FRA
expires
Thu, 09 Dec 2021 19:30:29 GMT
ben-1-360x180.jpg
resistthemainstream.org/wp-content/uploads/2021/11/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/11/ben-1-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b4b1579f0eececaabe7d686b4e5a1e175399e382b491aeeec46f5eeb3c7f22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
856
cf-bgj
h2pri
content-length
14943
last-modified
Tue, 09 Nov 2021 14:10:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsnkGS9KcYpaFhB%2FmHrKQeZBbaYOW6juOzugbBigs%2BGxIhLnMdFd9T%2FthdT3U3TrGUKgyKwVvG%2FGwKfAj6LF2yT3nNoxXWPQlzs0%2BuWVK2Z4vbIa1LihgRyc6U2RKlmXBRMKWLm4FJKvjMkpPrR8ygoLl3G7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6ab9899a6cdd5c74-FRA
expires
Thu, 09 Dec 2021 19:30:29 GMT
FotoJet-2021-11-09T153843.856-360x180.jpg
resistthemainstream.org/wp-content/uploads/2021/11/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/11/FotoJet-2021-11-09T153843.856-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
537a6cca9daace7691f81c208397130ae3ee16f161d10f362acd9066fd521f17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
856
cf-bgj
h2pri
content-length
15384
last-modified
Tue, 09 Nov 2021 14:39:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKfJhLFTRzH%2BW6XH%2BKklzekLjmWyIh5nUsSUW8QRZkUhiHegKCepFxGEOc0I9r6HCkJrk8wB3QQCjbvFqCC6Q8n%2B2sOnFC0LfjfONwqj7WB5h3fpZF2TVVgh%2BgWCAblCvfr2sGcqkgfbkznNoyryDK0nV9AF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6ab9899a6cdf5c74-FRA
expires
Thu, 09 Dec 2021 19:30:29 GMT
manage
router.infolinks.com/usync/ Frame 6723 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1762.009-2.035.ab.1764.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab224676b71e78a84acbe69453c7bfd781dfba0b0208626e3da67e65420114f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab9899aeda069a3-FRA
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1762.009-2.035.ab.1764.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6ab9899aeda769a3-FRA
content-length
0
gsd
router.infolinks.com/ 		0
34 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&jsv=1762.009-2.035.ab.1764.004-3.025&_cb=16364870848760
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1762.009-2.035.ab.1764.004-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6ab9899aeda669a3-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
13420768046326374
lockerdome.com/lad/ Frame 8EC1 		76 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
4076f5e13933b6903147a331c4be1ca804719c904723683449124e2307cdb8e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
21820
Date
Tue, 09 Nov 2021 19:44:45 GMT
analytics.js
www.google-analytics.com/ Frame 5F7B 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6251
date
Tue, 09 Nov 2021 18:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 20:00:34 GMT
13420770663572070
lockerdome.com/lad/ Frame 7B61 		45 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
127d7e1b93a56a36cf4cf99973327f49fe7e06988bfb00faf58491e72fc5072d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
16299
Date
Tue, 09 Nov 2021 19:44:45 GMT
13436276233712486
lockerdome.com/lad/ Frame 9A7A 		156 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
382c281fe526f9ddda3571836edf3f1197f2a21eeeb0decb902f59e43960f5f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
34993
Date
Tue, 09 Nov 2021 19:44:45 GMT
13763115057895526
lockerdome.com/lad/ Frame 0901 		25 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
258b791b772aa8287ba9115550989752843c5620c48c2fa5b5a22cb05795c976

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
10967
Date
Tue, 09 Nov 2021 19:44:45 GMT
www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame 48AA 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
101192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47115
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:38:13 GMT
www-embed-player.js
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame 48AA 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
101269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70045
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
base.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 48AA 		2 MB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
101269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
527841
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
fetch-polyfill.js
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame 48AA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
101269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 48AA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 06:41:55 GMT
x-content-type-options
nosniff
age
478970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 06:41:55 GMT
collect
www.google-analytics.com/j/ Frame 5F7B 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=829050775&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=AdUnitInHiddenContainer&ea=14264500010300518&_u=YADAAEABCAAAAC~&jid=834301758&gjid=225026587&cid=1403804126.1636487084&tid=UA-1933164-1&_gid=270276069.1636487085&_r=1&_slc=1&z=1792109940
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
de.tynt.com/deb/ Frame E859
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Wed, 10 Nov 2021 19:44:45 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 09 Nov 2021 19:44:45 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Tue, 09 Nov 2021 19:44:45 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame 6581
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19754713ec9a4431d4b151e208a8c36f551d0f0d6995eea551f359c89c667604

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|191|196|41|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1679
Expires
Tue, 09 Nov 2021 19:44:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 09 Nov 2021 19:44:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame DFAB 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc3MDQwNjEtQkU3OS00NEVFLTlFQ0UtNjU5QTZFRDVCQzVE&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc3MDQwNjEtQkU3OS00NEVFLTlFQ0UtNjU5QTZFRDVCQzVE&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D97704061-BE79-44EE-9ECE-659A6ED5BC5D
  • https://router.infolinks.com/dyn/pbm-usync?uid=97704061-BE79-44EE-9ECE-659A6ED5BC5D
0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=97704061-BE79-44EE-9ECE-659A6ED5BC5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
6ab9899dddf169a3-FRA
content-length
0
expires
Mon, 09 Nov 2020 19:44:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=97704061-BE79-44EE-9ECE-659A6ED5BC5D
date
Tue, 09 Nov 2021 19:44:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=8715120259450762151
35 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=8715120259450762151
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899caadc69a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:45 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d88ac1fa-d5cf-49c1-aedd-1474dc6714ae
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=8715120259450762151
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=22aa7311-1fdd-4082-860a-479e2e67c6ba
35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=22aa7311-1fdd-4082-860a-479e2e67c6ba
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899c7a1069a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:45 GMT

Redirect headers

date
Tue, 09 Nov 2021 19:44:45 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://router.infolinks.com/dyn/ox-usync?uid=22aa7311-1fdd-4082-860a-479e2e67c6ba
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
VR-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-sqa6tdtE2uFduENxn935Tvsrpl3hxqOlDE2pu9o-~A
35 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-sqa6tdtE2uFduENxn935Tvsrpl3hxqOlDE2pu9o-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899c8a2a69a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-sqa6tdtE2uFduENxn935Tvsrpl3hxqOlDE2pu9o-~A
date
Tue, 09 Nov 2021 19:44:45 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7497179824
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7497179824
  • https://sync.1rx.io/usersync/tradedesk/829dc61b-75e2-4641-ab0e-9d90e553c4f5
  • https://sync.targeting.unrulymedia.com/csync/RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003
35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899dbd9b69a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003
date
Tue, 09 Nov 2021 19:44:45 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8e9b59cb5d9e46b98d7af57443c3cdc8003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899f8ac469a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:46 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame 6723 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 6723
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fresistthemainstream.org%252Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%252F%253Futm_source%253Dtelegram...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fresistthemainstream.org%25252Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=7486723602587192148
95 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=7486723602587192148
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 09 Nov 2021 19:44:45 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Tue, 09 Nov 2021 19:44:45 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3c9f5fe1-8fd6-4035-ba65-46fbc9b3d8ef
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=7486723602587192148
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 6723 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
outh-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7d9cc005-4195-11ec-a70d-023bda41e5d8
  • https://router.infolinks.com/dyn/outh-usync?uid=y-0TT_8GhE2uHRXGudf4nMVnX8CelY0UDS~A~UP7d9cc005-4195-11ec-a70d-023bda41e5d8
35 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-0TT_8GhE2uHRXGudf4nMVnX8CelY0UDS~A~UP7d9cc005-4195-11ec-a70d-023bda41e5d8
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899c8a5369a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-0TT_8GhE2uHRXGudf4nMVnX8CelY0UDS~A~UP7d9cc005-4195-11ec-a70d-023bda41e5d8
date
Tue, 09 Nov 2021 19:44:45 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
enbd-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=A5CEF7FA56F544E98FB642E74E0F0EF9
  • https://router.infolinks.com/dyn/enbd-usync?uid=c026e4a1-7779-4c70-9c15-ee773d2b9f40
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/enbd-usync?uid=c026e4a1-7779-4c70-9c15-ee773d2b9f40
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab989a1685069a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:46 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/enbd-usync?uid=c026e4a1-7779-4c70-9c15-ee773d2b9f40
Date
Tue, 09 Nov 2021 19:44:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=ceb5c834dfe1b9a51eaeaa46
35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=ceb5c834dfe1b9a51eaeaa46
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899f6a7969a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:46 GMT

Redirect headers

Date
Tue, 09 Nov 2021 19:44:45 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=ceb5c834dfe1b9a51eaeaa46
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D97704061-BE79-44EE-9ECE-659A6ED5BC5D
  • https://router.infolinks.com/dyn/usersync?pmuservalue=97704061-BE79-44EE-9ECE-659A6ED5BC5D
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=97704061-BE79-44EE-9ECE-659A6ED5BC5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
6ab9899dddf269a3-FRA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=97704061-BE79-44EE-9ECE-659A6ED5BC5D
date
Tue, 09 Nov 2021 19:44:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
iq-usync
router.infolinks.com/dyn/ Frame 6723 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6ab9899d5ca569a3-FRA
content-length
0
zeta-usync
router.infolinks.com/dyn/ Frame 6723
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=5132203619574837052
35 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=5132203619574837052
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899e885a69a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:45 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=5132203619574837052
Date
Tue, 09 Nov 2021 19:44:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame 6723 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.176 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip176.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Nov 2021 19:44:45 GMT
server
33XP001
dcm
s.amazon-adsystem.com/ Frame 6581
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:46 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZS6QA96JB8FB80CXQ0SH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8F9FJSM24CEN8AGHAQJ3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6581 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 6581
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5tRY4FqO9iHkMqvoNSUZI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5tRY4FqO9iHkMqvoNSUZI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5tRY4FqO9iHkMqvoNSUZI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6581
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYrPrcS6NWwB4.GGZ9syEwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGn-rb_K1ovgXgLOmNNLI1E&google_cver=1&gdpr=1&google_hm=2
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGn-rb_K1ovgXgLOmNNLI1E&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGn-rb_K1ovgXgLOmNNLI1E&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 6581 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
last-modified
Tue, 09 Nov 2021 19:44:45 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Tue, 09 Nov 2021 19:44:46 GMT
crum
dsum-sec.casalemedia.com/ Frame 6581
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:45 GMT

Redirect headers

date
Tue, 09 Nov 2021 19:44:45 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
bridge
cm.adgrx.com/ Frame 6581 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-4
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 6581
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YYrPrQADUMF0rQBR
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYrPrQADUMF0rQBR&gdpr=1&_test=YYrPrQADUMF0rQBR
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYrPrQADUMF0rQBR&gdpr=1&_test=YYrPrQADUMF0rQBR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636487086.698535,VS0,VE0
x-served-by
cache-fra19151-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYrPrQADUMF0rQBR&gdpr=1&_test=YYrPrQADUMF0rQBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ix-usync
router.infolinks.com/dyn/ Frame 6581 		35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YYrPrcS6NWwB4.GGZ9syEwAA%261148
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ab9899caac869a3-FRA
content-length
35
expires
Mon, 09 Nov 2020 19:44:45 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 48AA 		113 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba5c76416393c71ade7a227be7fecb9baeb5b4717dd1123cf889039a2e3965fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 48AA 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:31:30 GMT
x-content-type-options
nosniff
age
795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 19:46:30 GMT
remote.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 48AA 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:38:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
101198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29782
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:38:07 GMT
kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js
www.google.com/js/th/ Frame 48AA 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 05:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
570976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Nov 2022 05:08:29 GMT
embed.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame 48AA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
101268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7365
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:57 GMT
truncated
/ Frame 48AA 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
UehOXAwFcJLGD94VxNgQIs72KC6IpQXkOMQe3ywEfQSyu7kisBsZD5tKH6z9nEwUDvCuahSX=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 48AA 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/UehOXAwFcJLGD94VxNgQIs72KC6IpQXkOMQe3ywEfQSyu7kisBsZD5tKH6z9nEwUDvCuahSX=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8af22b89a05bd7f477b756f8c1e8260d22a58238db166a186f70e56612e1442d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 18:41:05 GMT
x-content-type-options
nosniff
age
3820
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2363
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 08:19:17 GMT
sddefault.jpg
i.ytimg.com/vi/vGZKdQ8a_YA/ Frame 48AA 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/vGZKdQ8a_YA/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03ad28563e42297fd7302ed4e9ad0607f585529796c6dcd385d13cac28f3b59e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:45 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43191
x-xss-protection
0
server
sffe
etag
"1622430128"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Nov 2021 21:44:45 GMT
cccaeed5f5279ac664fdc08237facb366c0bac7c7d9f2608ef338417fb56b548_small
cdn1.lockerdomecdn.com/uploads/ Frame 0901 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/cccaeed5f5279ac664fdc08237facb366c0bac7c7d9f2608ef338417fb56b548_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f32ac2511342c594ace4f424ba73914cdcd3f1ea230b220f55fd9dcab152287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
ucMvBXSzv8A72ykTlir7rf.n7hOdqbCF
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 21:18:04 GMT
server
AmazonS3
age
23569
etag
"c7d6764650ff5044229909c20ddeacec"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Tue, 09 Nov 2021 13:11:58 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
16624
x-amz-cf-id
i0fOe-DFSRRxoFEiqNTdhXmsNsDT17Slhjw6OCmvAhpeoncJWfaXCA==
a78160d1bc261a08e666e48ac9a3d8630b4a11ea729100577ba74e36c4eefa3d_small
cdn1.lockerdomecdn.com/uploads/ Frame 7B61 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/a78160d1bc261a08e666e48ac9a3d8630b4a11ea729100577ba74e36c4eefa3d_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3ea8fc6de15e6d5c742fdff859f03204770551a52a68d07746065c777b38c66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:40:42 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jul 2021 19:41:51 GMT
server
AmazonS3
age
54245
etag
"f86e1aaef3f05767f964a7daf49de2e1"
x-cache
Hit from cloudfront
x-amz-version-id
jrR7qcbcNRF_b53jTwzEbZJHaomh4LiP
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
18659
x-amz-cf-id
aF9K3eGA3wH_X8MBbtpRVzBpkL-551tgJpPgQ0stf_hK6EDZYa4tIw==
f9e61712184ed8b1798d23cfd6b627383445f2f851bd940e17799cdc3d200f4a_small
cdn1.lockerdomecdn.com/uploads/ Frame 7B61 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/f9e61712184ed8b1798d23cfd6b627383445f2f851bd940e17799cdc3d200f4a_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af0c7c25caef0e233eb44cfad098187f30f3ffa47192f4dd74cc2d85d09551f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
eBbPpDd4B7PnevuTphgf7bYstMtef3lY
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Wed, 19 May 2021 21:04:17 GMT
server
AmazonS3
age
15483
etag
"edabf9502530c583cc2f56b1a683731c"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Tue, 09 Nov 2021 15:26:44 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
9387
x-amz-cf-id
Rz5h7DJDtef7m60FG9eVOweZQDLGl4XdeNgGC7uOsrFaw1WQ68lJSA==
ab1d550f6d2f384f618fb6f2e0735e924a2b99347c80624dd9e118cf0a9f1779_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/ab1d550f6d2f384f618fb6f2e0735e924a2b99347c80624dd9e118cf0a9f1779_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9eb0966044e1a32b51fcd3d2f2cb7dc9d2ca0c865ab20c5001f87510791387e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
ow5sB6w97PT_0_FjW1bH5bRbBX99J8DH
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Fri, 06 Mar 2020 21:09:06 GMT
server
AmazonS3
age
53702
etag
"3487262b15ed786e0fe5c807b45f0b91"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Tue, 09 Nov 2021 04:49:45 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
15734
x-amz-cf-id
_sjaayYBR7DFyR0QJbCQaF1rW6sEZGqBxoZfJd9YFkQS7BqlkrJgGg==
4a09717673bf802005dff889faa75e44cf1afc7dd6ea5de72bcd20fba9a586b9_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/4a09717673bf802005dff889faa75e44cf1afc7dd6ea5de72bcd20fba9a586b9_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc749fb959924e8a6b0a677cf184b52f09852bc5ab537ce6e2617995e394bfc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:13:56 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Tue, 10 Mar 2020 15:04:49 GMT
server
AmazonS3
age
55851
etag
"9e9c471ee403833fecbc7d6e56dd00ed"
x-cache
Hit from cloudfront
x-amz-version-id
8LHQorQl7D1nun6VRMSNGURWglDakWu8
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
23325
x-amz-cf-id
weU2S0dnfHeXsovRbvcUSZCfPbcQb38kE--ifrYXueoVpplnQzGOLw==
4ad9296a4725bc2971c6430ec2e28910614a2af3e0bf7ffe226e113b90208271_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/4ad9296a4725bc2971c6430ec2e28910614a2af3e0bf7ffe226e113b90208271_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6cd8136686f5a083c0dc7b3a015283b816116c54b5d6894dc0eb037b27480a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:33:20 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 15:30:09 GMT
server
AmazonS3
age
18686
etag
"01ef0abf9b39ffadffbb9a057f0e1ecf"
x-cache
Hit from cloudfront
x-amz-version-id
7HXsMG5PacvMQcGRONnhU4uiQtbdZPBu
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
14261
x-amz-cf-id
TQ2MRSfdN-R0YNAyJaCwKydwwoUGx6NfgCpwYBblqczbFU2jS6IVFQ==
31a805cac487f5e36f30a516b579a54dc469aa7b2e11cf7fdc61c17de378cd96_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/31a805cac487f5e36f30a516b579a54dc469aa7b2e11cf7fdc61c17de378cd96_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8382434e26c73097635a1a2b7216b0c181f5d0389cea68445140bd269643b8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
YTRXYIfj6lb2VqPpb8GIrPefcGgl1vzw
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jun 2020 18:21:32 GMT
server
AmazonS3
age
53028
etag
"b5b584c6cd715db6fba148ab989a7b74"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Tue, 09 Nov 2021 05:00:59 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
16219
x-amz-cf-id
m4DMppYQeqrJqkE14SUNKfAKR4qemm12aVSPSHHhdx1VMKQLphextA==
977143ef303399e7853efa5dee7403db45677b646fd392727759b3f85ea6dbe8_small
cdn1.lockerdomecdn.com/uploads/ Frame 8EC1 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/977143ef303399e7853efa5dee7403db45677b646fd392727759b3f85ea6dbe8_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
266844a1a1238cf7697d587b642e3467ee74913da9f37eaaddcfaba2f6f9e9c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:40:44 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Thu, 14 Oct 2021 20:12:28 GMT
server
AmazonS3
age
14643
etag
"c0048e24fa6038a486075c4e45af5b75"
x-cache
Hit from cloudfront
x-amz-version-id
SgxSN3_Cy5.50FtrEEXM9GfuUXtg6ecm
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
14045
x-amz-cf-id
_WQ2TVo_6YJNNYOMHjIaOTyTH1sREBoD7RBenQgfq3SWqpLq8xqwow==
cdf6c934d3285f1ee7ec8b9a86a8306e53907f9bb355e45d5fb16fc90b4a4d78_small
cdn1.lockerdomecdn.com/uploads/ Frame 8EC1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/cdf6c934d3285f1ee7ec8b9a86a8306e53907f9bb355e45d5fb16fc90b4a4d78_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4614431a683f0bab6ac324c5fc539a6d7e39df632ad84f076338c81a44bbec83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:39:54 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2019 14:53:24 GMT
server
AmazonS3
age
18293
etag
"5548054833cfad51b0ddc4a44f75b2a0"
x-cache
Hit from cloudfront
x-amz-version-id
E.ZetAB0xnAeW.g.BtSoOAaL.r_uuiw0
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
21046
x-amz-cf-id
HR_jhxYAIhyn8Cssq-tocAlk-vB80RlFjPpVT37OawC-5zyMJYHZ3w==
cabb0b67dbca9e9e65abaf0018d38b1d8d54503308264201eb6833f1071d7361_small
cdn1.lockerdomecdn.com/uploads/ Frame 8EC1 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/cabb0b67dbca9e9e65abaf0018d38b1d8d54503308264201eb6833f1071d7361_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67f5be4418a1d8b2bdc5a6c9a3106fecb60845f48e93bbac12c4e8d39931eacf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
sZc3EutUg.wfjb8Ib5EKEH7LEyclDBp7
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Tue, 23 Mar 2021 21:11:37 GMT
server
AmazonS3
age
59758
etag
"f38546c020186f863fbd58d678974a71"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Tue, 09 Nov 2021 19:34:13 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
13982
x-amz-cf-id
rAya161Sjcgpkpdh28ms9fqtAVL_Sgjh1A-hORCioewAiEg3vJgyBw==
983c8278c249e91be9207741fd1ad9502b5b2e894941b09a2a4ef2b0b0bb590a_small
cdn1.lockerdomecdn.com/uploads/ Frame 8EC1 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/983c8278c249e91be9207741fd1ad9502b5b2e894941b09a2a4ef2b0b0bb590a_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
383e12aa8e73a3caad8110f21c7f91e0d3937724c566b05545549bfb3f69a5cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:31:50 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Mon, 14 Jun 2021 18:28:06 GMT
server
AmazonS3
age
51177
etag
"c9a228808c4ac61218897b1fae030fa4"
x-cache
Hit from cloudfront
x-amz-version-id
MTfWz8ZPeGl6hcD9QTnnwLPKV2.3jBh1
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
21090
x-amz-cf-id
XWVcwHT7JyaAFJk-ODkVgGcEbrQKTI0t7VlNWVCzikEf_SwvEZ65Kw==
dc.js
stats.g.doubleclick.net/ Frame 0901 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3025
date
Tue, 09 Nov 2021 18:54:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 09 Nov 2021 20:54:21 GMT
dc.js
stats.g.doubleclick.net/ Frame 7B61 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3025
date
Tue, 09 Nov 2021 18:54:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 09 Nov 2021 20:54:21 GMT
dc.js
stats.g.doubleclick.net/ Frame 9A7A 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3025
date
Tue, 09 Nov 2021 18:54:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 09 Nov 2021 20:54:21 GMT
36572385c3d312657f063f19d17beeb4a59d00d1228e5980d4dd06239dc758df_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/36572385c3d312657f063f19d17beeb4a59d00d1228e5980d4dd06239dc758df_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec228f23153d19171244306afc91badad9085e1317fa0c1519e949b1a0cf777c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 06:51:12 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Tue, 23 Mar 2021 21:24:12 GMT
server
AmazonS3
age
46415
etag
"3343dcfd3fcdac11750c13fc9ccbfbc2"
x-cache
Hit from cloudfront
x-amz-version-id
k5A7WtbAxfzeV3Rdron70yL8.8u9M62R
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
12562
x-amz-cf-id
27lRr8kgLIW8CAUKhEswS_01tt9S-jSsfRDx84oAOQ3czTOsNsbbdg==
2980556fcaa7741ead1dad25031a5084f49a8ff20838ba3c8d60626c387cb070_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/2980556fcaa7741ead1dad25031a5084f49a8ff20838ba3c8d60626c387cb070_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae355cf9fdd00f6dec3384d157e7d357bdf485d091b6fe4449b39ea72f755c4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:33:45 GMT
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Thu, 29 Apr 2021 14:55:11 GMT
server
AmazonS3
age
18661
etag
"3b614fe7e21b095cfd2ce3edf7f28361"
x-cache
Hit from cloudfront
x-amz-version-id
ZRjTNjucmE54Bq2wNGqvU0.qEZTXZSWG
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
21831
x-amz-cf-id
82v7jxgUxyQtX11IErxMoB-v0U4vMhU82CPtE_qURRdO89LOG0l3iQ==
30305fa8d2a9424e8ecc20f39497ec4967e48d7d6a1f774abe94eda062151fb6_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/30305fa8d2a9424e8ecc20f39497ec4967e48d7d6a1f774abe94eda062151fb6_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f376a59da81ecbd9c461d913158d617e3875ad5f8f28c2518f6f326ecc621b67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
TIwF_vZ60ZL1pYiSyJKK5pfo8rZz7QIy
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 15:23:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"2d5321a457fb2a222d202eb0c41573a6"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Tue, 09 Nov 2021 19:44:46 GMT
accept-ranges
bytes
content-length
15956
x-amz-cf-id
8bXLoezuddQ1hN9ulSgnEOS4D0yg9Y7DKpwx-omyd3kMe50-n2X37g==
dc.js
stats.g.doubleclick.net/ Frame 8EC1 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3025
date
Tue, 09 Nov 2021 18:54:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 09 Nov 2021 20:54:21 GMT
truncated
/ Frame 0901 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9576ab47d39dbaa78e8c32b6b526fd1ad8bd8c94a266a338a6d4f0627e8b4eda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 7B61 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b20dd203381763191766e1db240a36f0e706bfa2cc72bb9413554113a52a969

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 9A7A 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c81689405cf661b35d10021c14f1f82e4bd8a7992d584041333de46b50cdfe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
42ecb2cdd481e130deec14db5dc44c3ca6d5a357bc954900ebc34d83c093a21e_small
cdn1.lockerdomecdn.com/uploads/ Frame 9A7A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/42ecb2cdd481e130deec14db5dc44c3ca6d5a357bc954900ebc34d83c093a21e_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e66f4ba3c4ee502f6bb641aafbd1a81e23b5519449628dd068c34b5ee2c7f6b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
eMvAOQJmLtbYmSoMBJN7.wFzfbGy0y3R
via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified
Mon, 09 Nov 2020 17:11:10 GMT
server
AmazonS3
age
51307
etag
"78c8b7abb16f433ddd38e41948ed2e2f"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Tue, 09 Nov 2021 05:29:40 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
12099
x-amz-cf-id
LE8E1j8pVyTGsW0kybz-n7ni1Pzh8pgfwyfcCSDdeW0rSsASn8x8qQ==
truncated
/ Frame 8EC1 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3774f691ed0274da1e1008fc725883135156d1ca5aa147cc99bdb8384cb4720f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 7B61 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d907a8b694cc2ee1cd08e22755ed1e82cd6fa52aa3b27c86e77baa1722021d35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 9A7A 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff97ab0efeda7d8cc7a3d69cb59a6555696ab41056b9429e633547f6abd827f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 8EC1 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0654f5adf8f95316c662233c3c9503790ea953a19acb31256946d0f0d0e6868

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 48AA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 19:44:46 GMT
generate_204
www.youtube.com/ Frame 48AA 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?TGPgPw
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame 9A7A 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a2e395f34e6bd7ba0ea11cf17ed3d460d106aa2833db04468b8e6cda3c915a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 8EC1 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8206c819c8442478039f7aa4047edd4854ca974d0e78a0eaa32f9345aad60e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 9A7A 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
729bcb86c221341eabada36af1f02ddbb430bccbb5fb908315365d386c0bfaba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 8EC1 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b2d291c92912d48fa031a1bce3173abe49480136cafdf46ffe0d284d348a664

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
/
c.mgid.com/pv/ 		0
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1636487085944102329452&uniqId=0bcd5&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&sessionId=618acfae-04dcf&pageView=1&pvid=17d063b3f78a9b460a5&site=720235&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ab989a1acd64a6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame 9A7A 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
491ce1d6e74f626c25e8c84b9a4d943f2de6415d883217772b13121ace463908

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame 48AA 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 18:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 10 Nov 2021 18:11:22 GMT
truncated
/ Frame 9A7A 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5769b737dc242169810e6d289a9670e624333aed29c58f8109947c76a2d1eb52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 9A7A 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79f0d0b222386bf59c21e0c65ec1d31c824d083f89af7ef7398c1f53ad73f4db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
HIT
age
4118
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ab989a3b9254a6e-FRA
expires
Wed, 10 Nov 2021 19:44:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
HIT
age
4118
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ab989a3b9284a6e-FRA
expires
Wed, 10 Nov 2021 19:44:46 GMT
truncated
/ Frame 9A7A 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1144fef04ea6454a232e68f9d9ddf6396c35fb84852cba4ec03212b8ffaa37fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
1
servicer.mgid.com/1149360/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1149360/1?pv=5&cbuster=1636487086331124075036&uniqId=0bcd5&niet=4g&nisd=false&jsv=es6&w=660&h=293&cols=2&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&sessionId=618acfae-04dcf&pageView=1&pvid=17d063b3f78a9b460a5&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eacd8e83c92b18bdcfb532aacc84f5c7aaa8b1a615661036b2dbc67fe9aa69fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ab989a419e44a6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1156929/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1156929/1?w=1140&h=2875&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1636487086346948278855&uniqId=072e1&childs=1225368&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&sessionId=618acfae-04dcf&pageView=0&pvid=17d063b3f78a9b460a5&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5a972210d1abbf742a391b84bca63c4f7de5b560947229f10f60e0905d9eef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ab989a419ef4a6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
HIT
age
4118
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ab989a4ab2a5c14-FRA
expires
Wed, 10 Nov 2021 19:44:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
HIT
age
4118
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ab989a4ab2f5c14-FRA
expires
Wed, 10 Nov 2021 19:44:46 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp
s-img.mgid.com/g/3839414/492x277/84x0x758x505/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3839414/492x277/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp?v=1636487086-R5KMt5Ov4EdmmiHX2526-eqWIowzAYGUh07fe8wjUPE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda95717e02b994ed0a9f6372c57455dc035787c60e3e0cd9f2267dc4248650

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:05 GMT
x-mg-request-uuid
1b5ea743-f4d0-4498-9591-6ae03c4463e3
age
3387822
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb39dffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12504
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp
s-img.mgid.com/g/3908681/492x277/0x0x894x596/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3908681/492x277/0x0x894x596/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp?v=1636487086-UOtpB48DZ7JEqsGKYKsJbX_J6Otrrkd67pxT-1SUSWE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d5d506cd6db74fc8eddeb84bdeec105506da31316534d4a6528096c76d0b9c

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:01 GMT
x-mg-request-uuid
2208c487-31b0-48cb-a847-936418ee2576
age
3387743
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb44dffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14398
server
cloudflare
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
02ba7dde63b05ebdf61208cba2cf4c7016d04efe8b8dd37baccb21bba67b8a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
gzip
last-modified
Mon, 19 Jul 2021 11:03:51 GMT
server
nginx
etag
"9ff4-5c777e47117fe-gzip"
vary
Accept-Encoding
x-cached-since
2021-10-21T10:05:04+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6890
expires
Fri, 21 Oct 2022 10:05:04 GMT
mgWidget_1.11.55.js
cdn.mgid.com/js/wglibs/ 		349 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.55.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b9862d60f3cc4c8baacbd512ae0c69be241c43d901a81fbeaa72280dfc2cfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
HIT
age
3298
last-modified
Tue, 09 Nov 2021 08:49:43 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P6HTS1JQG2KK76KC
x-amz-id-2
6HWL9dIUOQc9AM48Fd1PWKKucIf2mCzTLtreEcWtfzHrPsQqfAVz5AAQhY0GNFNpdBhXyqWT4b4=
cf-bgj
minify
server
cloudflare
etag
W/"844e1715621cf0820de67e50dea61b35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6ab989a4bb4e5c14-FRA
expires
Wed, 10 Nov 2021 19:44:46 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjE4LHlfMzY2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9iMjdmM...
s-img.mgid.com/g/10839613/492x277/-/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839613/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjE4LHlfMzY2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9iMjdmMzk0OTNkZmFmYmY1N2U1N2UzNjFhNTE0ZmFjMC5qcGc.webp?v=1636487086-BGN9EX-UoqBWqmdUaqsKkRgYylOtHsrApu40eMjz8tk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d556fac2b9313addb39b4aec1de4f85a7f833286ed0a9114e4ea6038c716bf9

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:29:02 GMT
x-mg-request-uuid
5e1f95ea-9972-49f8-8dd0-3174939019ca
age
545927
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb41dffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19804
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x277/0x0x640x426/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805664/492x277/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1636487086-iMfzzM4yI6i3_JJn3cHXSaVX16U6z7mqTcPZExOA6EM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f931a3bb0e4c391b26c47d537e88ce54c75b90d7b288b05f138b09c56063041b

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:38 GMT
x-mg-request-uuid
e6dd986c-2f0f-4c98-8869-d563e10a89a5
age
3383779
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb3adffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20464
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg?v=1636487086-33fB6A5UwdEj1s45o-KFz3QE7UQSceD1rfVCh-Ik6JE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
x-mg-request-uuid
59b64024-b02c-4c57-997e-b7c8b47e4881
age
14197
cf-polished
qual=85, origFmt=jpeg, origSize=35326
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28540
last-modified
Tue, 11 May 2021 10:14:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb3edffb-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp
s-img.mgid.com/g/8052393/492x277/0x20x598x398/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052393/492x277/0x20x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1636487086-4zowJ3KTulw7Ql1EDd7AEHE3JTnMNIrKPKBn6841nRU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:36 GMT
x-mg-request-uuid
0bb6bfa2-20e6-46b5-88c7-c0de99435e54
age
3387999
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb3ddffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24380
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp
s-img.mgid.com/g/5097658/492x277/0x105x650x433/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097658/492x277/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp?v=1636487086-WpwnOqLx4OSloPC7wR9KBk_VXLTfUoUrTAIFviNQG7M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e866d279f5a0b4355d74744a1ad67a38b56c5db333f42bccfe4a629e40af3e

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid
403f598d-6367-451e-8cb6-0a9a727f1853
age
3385769
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb47dffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12864
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvOWYxNzVkMzU3YTExNGVjY...
s-img.mgid.com/g/10839619/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839619/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvOWYxNzVkMzU3YTExNGVjYzlmMGI1OWY5YjFhYTk1YmUuanBlZw.webp?v=1636487086-FN4uQwNVNllYvHop6LqvyqoZPUvQQ6by_CR_yD_DUMg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3371bd729363b1abb579de6b0e38024c587ee74c7345ae4da5d0652d9c422d

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:30:27 GMT
x-mg-request-uuid
ec4c3ca2-7399-42d8-a13d-a11908c373cf
age
216209
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb48dffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14314
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.mgid.com/g/4023144/492x277/278x0x828x552/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4023144/492x277/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1636487086-HZ-asffYgy96FZ-1G7rjr3luf5Yl_KRmNF0hlyQM_iw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539215a62c4691bef106556dffea082d138c9e5b1a6de672fb608173f5bbba58

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid
f3151eee-6e46-4df7-944d-3e4f0a58f1d6
age
3387822
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb4adffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14786
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1636487086-65GFIcVbw8VuTvcw_cUb2IYYbjRg0ZcKiat-xbWR2C8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:22:56 GMT
x-mg-request-uuid
895832b7-c702-47a5-8c2a-9f7a60fce902
age
3388237
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb4bdffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21168
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x277/0x0x672x448/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052388/492x277/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1636487086-OxpvtqN9SPHzgoh0fbo2rfM7S_BJJax0SClnr-YhAFw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:12 GMT
x-mg-request-uuid
7139ebce-b584-41e7-add4-3d1861717f25
age
3387893
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb4cdffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21064
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1636487086-I-j68YYlq1h4_ZKqJbgdonFeZd0_xdHTbr86U8rdkb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:07 GMT
x-mg-request-uuid
2ea3fe7d-37bd-4730-be3b-6959a3c545bf
age
1081085
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4cb4ddffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28600
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZz90PTE0OTU2MjcyODk1NDU.webp
s-img.mgid.com/g/3805441/492x277/0x0x492x328/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805441/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZz90PTE0OTU2MjcyODk1NDU.webp?v=1636487086-JOITLgqynRlGSECrihmCnPlQv7_1Jm_W5POpIgCirD8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6151af5b41cd0187b28ad2a3c1e38fc45b77ffa45b3311bc2124676ce3b638d

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:48 GMT
x-mg-request-uuid
57ea6fdb-22eb-4e4f-8f52-cee556dec14a
age
3347753
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4db4edffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16646
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp
s-img.mgid.com/g/3944301/492x277/0x0x900x600/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3944301/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp?v=1636487086-nrYFC4Pr6-XsBwycrikzrkpPKqkLxmBXoxo_6s0yfzQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443ae740fe8356c17d751a26eadec94e0ffce6ebe1de5f28b6cc822906731b83

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid
756bd6a6-a4df-4e79-81c0-d8405f9d9273
age
3387822
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4db4fdffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38384
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp
s-img.mgid.com/g/3805572/492x277/0x0x492x328/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805572/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp?v=1636487086-DTn8I_9iqz4xSQHpzDj1qlA8-jhR__xo5P12SkOIGls
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3508051126ffa97486178f29ba4cb0e214c9c8a02f438815caae6b001b9b388

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:20 GMT
x-mg-request-uuid
4791735b-a783-43a2-9688-5385c291d9e9
age
3386954
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4db50dffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19440
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxY...
s-img.mgid.com/g/10881024/492x277/-/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881024/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxYTY0N2JiYTU5YjFiMTc4YjIuanBlZw.webp?v=1636487086-IK496OzSwJpiV8RlIJNSw1_8Fu9PPcMzTe4NAifd3Vs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:46 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:46:57 GMT
x-mg-request-uuid
68e776ef-c98d-4932-939d-938fecbfe5f0
age
3044797
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a4db51dffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33936
server
cloudflare
i.js
cm.mgid.com/ 		2 KB
975 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1636487086530608131906
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12e2c2b8ca7f85c66a6eede4913c4347cf3a728e5492e30074a8a291e388c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab989a55c504a6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame 9491 		19 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1636487086572143377513
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab989a59d1b4a6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sync.html
s.adtelligent.com/ Frame E12D 		1 KB
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1636487086530608131906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:506:0:ec4:7aff:fec2:7e6e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
VertaMedia 1.0
Date
Tue, 09 Nov 2021 19:44:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://resistthemainstream.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame EC74
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1636487086530608131906
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=la9K1hCMoiIb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ab989a5f9ad5364-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=2DrW8XdawHHLj064BBlh&pi=mgid&tc=1
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=2DrW8XdawHHLj064BBlh&pi=mgid&tc=1
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab989a6c82a5c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=2DrW8XdawHHLj064BBlh&pi=mgid&tc=1
pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT, Tue, 09 Nov 2021 19:44:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_ad26592d-3ee5-4f30-a15d-3c2492e35fc7&bsw_param=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&expires=10
  • https://cm.mgid.com/m?cdsp=433145&c=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&gdpr_consent=&us_privacy=
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab989a82be85c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 09 Nov 2021 19:44:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=la9K1hCMoiIb
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=7452029736419221580&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:47 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
mw
mwzeom.zeotap.com/ 		95 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=la9K1hCMoiIb&zpartnerid=1532&zdid=1532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-credentials
true
cf-ray
6ab989a60e197028-FRA
access-control-allow-headers
*
content-length
95
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGE5SzFoQ01vaUli&muidn=la9K1hCMoiIb
  • https://cm.mgid.com/google?muidn=la9K1hCMoiIb&google_ula={guid},5&google_gid=CAESEIYRhGpVkkOCIpgalRam-QU&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=la9K1hCMoiIb&google_ula={guid},5&google_gid=CAESEIYRhGpVkkOCIpgalRam-QU&google_cver=1
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ab989a5fe1c5c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=la9K1hCMoiIb&google_ula={guid},5&google_gid=CAESEIYRhGpVkkOCIpgalRam-QU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=829dc61b-75e2-4641-ab0e-9d90e553c4f5&ttl=1639079087
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=829dc61b-75e2-4641-ab0e-9d90e553c4f5&ttl=1639079087
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab989a60e6a5c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=829dc61b-75e2-4641-ab0e-9d90e553c4f5&ttl=1639079087
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=e1545b45-085f-47f0-9da0-a15a806634d4
43 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=e1545b45-085f-47f0-9da0-a15a806634d4
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab989aa38f65c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=e1545b45-085f-47f0-9da0-a15a806634d4
date
Tue, 09 Nov 2021 19:44:47 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=la9K1hCMoiIb
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=la9K1hCMoiIb
  • https://inv-nets.admixer.net/bs/cm.aspx?id=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&consent=&gdpr_pd=
Protocol
HTTP/1.1
Server
204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=da751ef1-849a-44f2-b3b1-9e5a0b4123c9&gdpr=&consent=&gdpr_pd=
Date
Tue, 09 Nov 2021 19:44:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=la9K1hCMoiIb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ab989a60e236964-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=cb75f8b7-970d-4964-bd4a-bb74b725adcd
43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=cb75f8b7-970d-4964-bd4a-bb74b725adcd
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ab989a749625c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=cb75f8b7-970d-4964-bd4a-bb74b725adcd
date
Tue, 09 Nov 2021 19:44:47 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
5f431e98-d068-4121-80c6-6b10f6bbe34f
player.ex.co/player/ 		692 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.55.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee2a60bab3f8b2c45c707485818cde9a744b5666600bc8acca0b81240d52af08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
content-encoding
gzip
age
13730
x-cache
MISS, HIT
access-control-max-age
600
content-length
207960
x-served-by
cache-dca17741-DCA, cache-fra19143-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1636487087.073908,VS0,VE2
etag
W/"acfa0-6zK1P7/31YdU4iXcF0liPThFtSg"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp
s-img.mgid.com/g/3839414/492x277/84x0x758x505/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3839414/492x277/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp?v=1636487086-R5KMt5Ov4EdmmiHX2526-eqWIowzAYGUh07fe8wjUPE
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda95717e02b994ed0a9f6372c57455dc035787c60e3e0cd9f2267dc4248650

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:05 GMT
x-mg-request-uuid
1b5ea743-f4d0-4498-9591-6ae03c4463e3
age
3387823
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a6ca5a6937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12504
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp
s-img.mgid.com/g/3908681/492x277/0x0x894x596/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3908681/492x277/0x0x894x596/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp?v=1636487086-UOtpB48DZ7JEqsGKYKsJbX_J6Otrrkd67pxT-1SUSWE
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d5d506cd6db74fc8eddeb84bdeec105506da31316534d4a6528096c76d0b9c

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:01 GMT
x-mg-request-uuid
2208c487-31b0-48cb-a847-936418ee2576
age
3387744
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a6ca5c6937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14398
server
cloudflare
usync.js
eus.rubiconproject.com/ Frame EC74 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
916e37d5d659698d98b2e8b0d63151cb142d85b3e35654754ff0a2df524a7a14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39788
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 10 Nov 2021 06:47:55 GMT
events
prd-collector-anon.ex.co/main/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 18:18:07 GMT
server
ESF
date
Tue, 09 Nov 2021 19:44:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Nov 2021 19:44:47 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzXaMNrb_qmTb8FvOI8rtyw5Klcl86amG3BhAgB5ru7giatCZYZIc-lLAetv3TKcTaEuAs3GCtFCgLTc4XiTKyTprFnOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Nov 2021 19:49:47 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 018C 		363 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
40c03692521e713a479574cbbb0a40efe24e9ab0891e4c4541d90ada1f00241b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtCAP1TXfOAVNjclmKRl8ICUVOJUjUVt8gjsxIZVE4rvmOl0bl-gGB4quL84qp_jQiw-fKOQUKTrKs6FwlQuQvXgfdwSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
103927
last-modified
Sun, 07 Nov 2021 12:58:51 GMT
server
UploadServer
etag
"ead6fc13b8318d0aa9c7318a2a0e7611"
vary
Accept-Encoding
x-goog-hash
crc32c=HbphvQ==, md5=6tb8E7gxjQqpxzGKKg52EQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289931652949
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
103927
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Nov 2021 19:49:47 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
khaos.jpg
token.rubiconproject.com/ Frame EC74 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp
s-img.mgid.com/g/3839414/492x277/84x0x758x505/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3839414/492x277/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp?v=1636487086-R5KMt5Ov4EdmmiHX2526-eqWIowzAYGUh07fe8wjUPE
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda95717e02b994ed0a9f6372c57455dc035787c60e3e0cd9f2267dc4248650

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:05 GMT
x-mg-request-uuid
1b5ea743-f4d0-4498-9591-6ae03c4463e3
age
3387823
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a84e116937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12504
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjE4LHlfMzY2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9iMjdmM...
s-img.mgid.com/g/10839613/492x277/-/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839613/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjE4LHlfMzY2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9iMjdmMzk0OTNkZmFmYmY1N2U1N2UzNjFhNTE0ZmFjMC5qcGc.webp?v=1636487086-BGN9EX-UoqBWqmdUaqsKkRgYylOtHsrApu40eMjz8tk
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d556fac2b9313addb39b4aec1de4f85a7f833286ed0a9114e4ea6038c716bf9

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:29:02 GMT
x-mg-request-uuid
5e1f95ea-9972-49f8-8dd0-3174939019ca
age
545928
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a84e176937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19804
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x277/0x0x640x426/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805664/492x277/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1636487086-iMfzzM4yI6i3_JJn3cHXSaVX16U6z7mqTcPZExOA6EM
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f931a3bb0e4c391b26c47d537e88ce54c75b90d7b288b05f138b09c56063041b

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:38 GMT
x-mg-request-uuid
e6dd986c-2f0f-4c98-8869-d563e10a89a5
age
3383780
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a84e1c6937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20464
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg?v=1636487086-33fB6A5UwdEj1s45o-KFz3QE7UQSceD1rfVCh-Ik6JE
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
x-mg-request-uuid
59b64024-b02c-4c57-997e-b7c8b47e4881
age
14198
cf-polished
qual=85, origFmt=jpeg, origSize=35326
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28540
last-modified
Tue, 11 May 2021 10:14:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a84e1d6937-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp
s-img.mgid.com/g/8052393/492x277/0x20x598x398/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052393/492x277/0x20x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1636487086-4zowJ3KTulw7Ql1EDd7AEHE3JTnMNIrKPKBn6841nRU
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:36 GMT
x-mg-request-uuid
0bb6bfa2-20e6-46b5-88c7-c0de99435e54
age
3388000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a84e1e6937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24380
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp
s-img.mgid.com/g/5097658/492x277/0x105x650x433/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097658/492x277/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp?v=1636487086-WpwnOqLx4OSloPC7wR9KBk_VXLTfUoUrTAIFviNQG7M
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e866d279f5a0b4355d74744a1ad67a38b56c5db333f42bccfe4a629e40af3e

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid
403f598d-6367-451e-8cb6-0a9a727f1853
age
3385770
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e216937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12864
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvOWYxNzVkMzU3YTExNGVjY...
s-img.mgid.com/g/10839619/492x277/-/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839619/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvOWYxNzVkMzU3YTExNGVjYzlmMGI1OWY5YjFhYTk1YmUuanBlZw.webp?v=1636487086-FN4uQwNVNllYvHop6LqvyqoZPUvQQ6by_CR_yD_DUMg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3371bd729363b1abb579de6b0e38024c587ee74c7345ae4da5d0652d9c422d

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:30:27 GMT
x-mg-request-uuid
ec4c3ca2-7399-42d8-a13d-a11908c373cf
age
216210
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e236937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14314
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.mgid.com/g/4023144/492x277/278x0x828x552/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4023144/492x277/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1636487086-HZ-asffYgy96FZ-1G7rjr3luf5Yl_KRmNF0hlyQM_iw
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539215a62c4691bef106556dffea082d138c9e5b1a6de672fb608173f5bbba58

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid
f3151eee-6e46-4df7-944d-3e4f0a58f1d6
age
3387823
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e246937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14786
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1636487086-65GFIcVbw8VuTvcw_cUb2IYYbjRg0ZcKiat-xbWR2C8
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:22:56 GMT
x-mg-request-uuid
895832b7-c702-47a5-8c2a-9f7a60fce902
age
3388238
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e256937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21168
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp
s-img.mgid.com/g/8052388/492x277/0x0x672x448/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052388/492x277/0x0x672x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0LzBmOGNkNzk2YWZlMTgwMjkyMTQ5ZDQwOTEzY2M4NDAwLmpwZWc.webp?v=1636487086-OxpvtqN9SPHzgoh0fbo2rfM7S_BJJax0SClnr-YhAFw
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:12 GMT
x-mg-request-uuid
7139ebce-b584-41e7-add4-3d1861717f25
age
3387894
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e266937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21064
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1636487086-I-j68YYlq1h4_ZKqJbgdonFeZd0_xdHTbr86U8rdkb4
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:07 GMT
x-mg-request-uuid
2ea3fe7d-37bd-4730-be3b-6959a3c545bf
age
1081086
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e276937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28600
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZz90PTE0OTU2MjcyODk1NDU.webp
s-img.mgid.com/g/3805441/492x277/0x0x492x328/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805441/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZz90PTE0OTU2MjcyODk1NDU.webp?v=1636487086-JOITLgqynRlGSECrihmCnPlQv7_1Jm_W5POpIgCirD8
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6151af5b41cd0187b28ad2a3c1e38fc45b77ffa45b3311bc2124676ce3b638d

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:48 GMT
x-mg-request-uuid
57ea6fdb-22eb-4e4f-8f52-cee556dec14a
age
3347754
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e286937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16646
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp
s-img.mgid.com/g/3944301/492x277/0x0x900x600/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3944301/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw.webp?v=1636487086-nrYFC4Pr6-XsBwycrikzrkpPKqkLxmBXoxo_6s0yfzQ
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443ae740fe8356c17d751a26eadec94e0ffce6ebe1de5f28b6cc822906731b83

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:11 GMT
x-mg-request-uuid
756bd6a6-a4df-4e79-81c0-d8405f9d9273
age
3387823
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e296937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38384
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp
s-img.mgid.com/g/3805572/492x277/0x0x492x328/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805572/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY.webp?v=1636487086-DTn8I_9iqz4xSQHpzDj1qlA8-jhR__xo5P12SkOIGls
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3508051126ffa97486178f29ba4cb0e214c9c8a02f438815caae6b001b9b388

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:20 GMT
x-mg-request-uuid
4791735b-a783-43a2-9688-5385c291d9e9
age
3386955
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e2b6937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19440
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxY...
s-img.mgid.com/g/10881024/492x277/-/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881024/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxYTY0N2JiYTU5YjFiMTc4YjIuanBlZw.webp?v=1636487086-IK496OzSwJpiV8RlIJNSw1_8Fu9PPcMzTe4NAifd3Vs
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:46:57 GMT
x-mg-request-uuid
68e776ef-c98d-4932-939d-938fecbfe5f0
age
3044798
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ab989a85e2d6937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33936
server
cloudflare
csync
sync.adtelligent.com/ Frame E12D 		0
0
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=resistthemainstream.org&sn=&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&ic=0&tgt=0&app=&wi=679&he=383&test=&d36=6.1.2.85&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&stagid=&stplid=&e=inventory&vi=0&cb=1636487087242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		34 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.95.0&AV_PAGE_LOAD_UID=fe84b06b-268b-4505-9c40-a53a23288d29&AV_CDIM4=fe84b06b-268b-4505-9c40-a53a23288d29&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6187a5a49268ad27da7716d8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=resistthemainstream.org&AV_DADPOS=3&d36=6.1.2.85&responsive=1&sver=1&avtoken=87241&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1636487087287
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-55.compute-1.amazonaws.com
Software
/
Resource Hash
9c71ae3a49529728b30e197f67994238ca0a11ce81067f4cd710f540996592cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 29 Oct 2021 05:58:07 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Last-Modified
Fri, 18 Dec 2020 17:35:15 GMT
Server
cloudinary
X-Timer
S1610539998.790487,VS0,VE1
ETag
"a42c7ae8b866ad428f953d7bc38769d0"
X-Served-By
cache-wdc5551-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5610462
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1127
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Last-Modified
Fri, 18 Dec 2020 17:34:38 GMT
Server
cloudinary
X-Timer
S1610542837.714651,VS0,VE1
ETag
"b87901333b21d30f970a9d9982f6400d"
X-Served-By
cache-wdc5538-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613373
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1331
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-116747

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Content-Range
bytes 0-116747/913116
Connection
keep-alive
Content-Length
116748
X-Served-By
cache-wdc5564-WDC
Last-Modified
Fri, 18 Dec 2020 17:34:37 GMT
Server
cloudinary
X-Timer
S1610542837.890346,VS0,VE0
ETag
"a7d8f4b80d06c540ff9289b382f53422"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613390
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
610dde8f-ffe7-4d64-b849-55d4a0bafed3
https://resistthemainstream.org/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://resistthemainstream.org/610dde8f-ffe7-4d64-b849-55d4a0bafed3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Last-Modified
Fri, 18 Dec 2020 17:34:49 GMT
Server
cloudinary
X-Timer
S1610542837.147570,VS0,VE1
ETag
"61fce59e82eca3dfbd97c9bb6ec77a6d"
X-Served-By
cache-wdc5538-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613357
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1342
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		199 KB
199 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
34a014a4fafbb190c8cbfb28402e7061dbc8acaae13875380417274a5eba748a

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-203415

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Content-Range
bytes 0-203415/1487268
Connection
keep-alive
Content-Length
203416
X-Served-By
cache-wdc5555-WDC
Last-Modified
Fri, 18 Dec 2020 17:34:48 GMT
Server
cloudinary
X-Timer
S1610542633.902660,VS0,VE0
ETag
"9030cd4b822f6ae704fc84b18a256ccb"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613096
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		121 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
2a279d992c6bf8113e7080b7ed759204634ab0f9743f7204b3a33b5f8c448521

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=203416-327683

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Content-Range
bytes 203416-327683/1487268
Connection
keep-alive
Content-Length
124268
X-Served-By
cache-wdc5555-WDC
Last-Modified
Fri, 18 Dec 2020 17:34:48 GMT
Server
cloudinary
X-Timer
S1610542633.902660,VS0,VE0
ETag
"9030cd4b822f6ae704fc84b18a256ccb"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613096
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:11:56 GMT
x-content-type-options
nosniff
age
81171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:11:56 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:47 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		168 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
47aedfb3cf86b485cbdef1c33f75a5a396dc41cdaed29f60dbbc1f12ab8e118e

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=327684-499327

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Content-Range
bytes 327684-499327/1487268
Connection
keep-alive
Content-Length
171644
X-Served-By
cache-wdc5555-WDC
Last-Modified
Fri, 18 Dec 2020 17:34:48 GMT
Server
cloudinary
X-Timer
S1610542633.902660,VS0,VE0
ETag
"9030cd4b822f6ae704fc84b18a256ccb"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613096
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		142 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8f467b5044a62ab0f14bb30db370369059a4887d7943929f46047c030b4063db

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=499328-644463

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Content-Range
bytes 499328-644463/1487268
Connection
keep-alive
Content-Length
145136
X-Served-By
cache-wdc5555-WDC
Last-Modified
Fri, 18 Dec 2020 17:34:48 GMT
Server
cloudinary
X-Timer
S1610542633.902660,VS0,VE0
ETag
"9030cd4b822f6ae704fc84b18a256ccb"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613096
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 09 Nov 2021 19:44:47 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		125 KB
126 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
4c72b5ac0bd91bb0f2829e32ff6632e83a15b43349f90e2ea142bb09edbfc103

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=644464-772679

Response headers

Date
Tue, 09 Nov 2021 19:44:47 GMT
Content-Range
bytes 644464-772679/1487268
Connection
keep-alive
Content-Length
128216
X-Served-By
cache-wdc5555-WDC
Last-Modified
Fri, 18 Dec 2020 17:34:48 GMT
Server
cloudinary
X-Timer
S1610542633.902660,VS0,VE0
ETag
"9030cd4b822f6ae704fc84b18a256ccb"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613096
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E360 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=35816
expires
Wed, 10 Nov 2021 05:41:44 GMT
date
Tue, 09 Nov 2021 19:44:48 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 5786 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f3bed13a6a736e4225ec184bb4a9b1a4779220a451c13db8c4689473128c33a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|130|221|40|8|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1465
Expires
Tue, 09 Nov 2021 19:44:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 114A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Nov 2021 19:44:48 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Tue, 09 Nov 2021 19:44:48 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:48 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame 018C 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7eba5f41d59aefb5990b99a781e0dbdfff7ae1d6987dcb5b18e12fde3629f262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduRQDC_Tal2z9dRKvcfB8xiRdmSwsDRUTkTvVMHneE3NLs_48zd-gZIM_dN4sEouRK4pGTw_PC-du-eMHBHeDaGo6OMLQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99475
last-modified
Sun, 07 Nov 2021 12:57:43 GMT
server
UploadServer
etag
"e4f50e6002c3454b61c9472c8f4386b9"
vary
Accept-Encoding
x-goog-hash
crc32c=t1bvWQ==, md5=5PUOYALDRUthyUcsj0OGuQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289863354883
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99475
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Nov 2021 19:49:48 GMT
ac
www9.smartadserver.com/ 		129 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=970205326664642867&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=6487087663
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
ptv
ib.adnxs.com/ 		27 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=23295453&cb=6487087664
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
96b065ea-7589-4850-95f1-af1c31d0f188
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://resistthemainstream.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ac
www9.smartadserver.com/ 		129 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=970205326664642866&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=6487087665
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
ac
www9.smartadserver.com/ 		129 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=970205326664642868&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=6487087665
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:47 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1636487087667&asid=6187a5a23223786bb66bb49e%2C6187a5a2beecd3492774a80b%2C60ebfe94ebe867570438e997%2C60254eaaea2c62223814f756%2C60254e56dcfb6a082e596646%2C5fa2711a54dbb238c9289f7d%2C5d7a45e628a0614c5e396e0d%2C6187a5a32b5ac64951145316%2C5fd1f2cc9772f87a350a855b%2C5fa2a98bba80693a416064d7%2C5c18de8528a061035b671e18%2C5b30e37c073ef468ec3ca049%2C6061efdbb7a06416cc5b4805%2C6187a5a36be9b850bf589efb&ofpr=%2C%2C%2C1%2C%2C2%2C1.5%2C%2C1.5%2C%2C%2C%2C2%2C2&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 09 Nov 2021 19:44:48 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		147 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
d26c45109ef0ca4d83ea062736e9e49b425314dddc45838f8ba38436b899e88c

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=772680-923455

Response headers

Date
Tue, 09 Nov 2021 19:44:48 GMT
Content-Range
bytes 772680-923455/1487268
Connection
keep-alive
Content-Length
150776
X-Served-By
cache-wdc5555-WDC
Last-Modified
Fri, 18 Dec 2020 17:34:48 GMT
Server
cloudinary
X-Timer
S1610542633.902660,VS0,VE0
ETag
"9030cd4b822f6ae704fc84b18a256ccb"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=5613095
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
prebid
ib.adnxs.com/ut/v3/ 		138 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9fc519133e1c703b9f5cc7b99cd914176144def0e7bc952316873b9f0ab67ea8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
350746a7-195a-4d61-9196-42d02d226a77
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://resistthemainstream.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=27ab1678-3615-4553-9608-ebed914d06ec&nocache=1636487087747&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A679%2C%22h%22%3A383%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=540851142&vwd=679&vht=383&aumfs=1500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a5bf0ac6-c042-45d9-9698-be4570a32efb&nocache=1636487087752&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A679%2C%22h%22%3A383%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=544001351&vwd=679&vht=383&aumfs=2000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
usync.js
eus.rubiconproject.com/ Frame 114A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
916e37d5d659698d98b2e8b0d63151cb142d85b3e35654754ff0a2df524a7a14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:44:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39787
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 10 Nov 2021 06:47:55 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 48AA 		28 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/vGZKdQ8a_YA?feature=oembed&color=red&rel=1&controls=1&start=10&end=10&fs=1&iv_load_policy=1
X-YouTube-Client-Version
1.20211107.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtTd0w5SEdpejlHRSitn6uMBg%3D%3D
X-YouTube-Ad-Signals
dt=1636487085302&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C338&vis=1&wgl=true&ca_type=image&bid=ANyPxKr1hNLPOQHjI1Qsr96O7ih4B-Awahxf5yRiQHXjXvDf5pepFDBJJlpgM3O5nIItsim1CsBNMLAKGB9REFIDzjvs85bOxg

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 09 Nov 2021 19:44:48 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E360 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55922110&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-length
0
getuid
secure.adnxs.com/ Frame 5786 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5786 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYrPrcS6NWwB4-GGZ9syEwAABHwAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:c036:7711:2b3c:f287 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 5786
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8369973947737466976
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8369973947737466976
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8369973947737466976
pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5786
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB-Jk7DFZ8AACgHAOtsSg&expiration=1637696688&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB-Jk7DFZ8AACgHAOtsSg&expiration=1637696688&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAB-Jk7DFZ8AACgHAOtsSg&expiration=1637696688&gdpr=1
Date
Tue, 09 Nov 2021 19:44:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
tpid=YYrPrcS6NWwB4.GGZ9syEwAA%261148
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 5786
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYrPrcS6NWwB4.GGZ9syEwAA%261148?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYrPrcS6NWwB4.GGZ9syEwAA%261148?gdpr_consent=&us_privacy=&gdpr=1
49 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYrPrcS6NWwB4.GGZ9syEwAA%261148?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.237
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYrPrcS6NWwB4.GGZ9syEwAA%261148?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.5.95
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 5786
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ca96e80e-2594-4a58-93ca-ae42ab4255a5&expiration=1668023088
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ca96e80e-2594-4a58-93ca-ae42ab4255a5&expiration=1668023088
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ca96e80e-2594-4a58-93ca-ae42ab4255a5&expiration=1668023088
date
Tue, 09 Nov 2021 19:44:48 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 5786
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:48 GMT

Redirect headers

date
Tue, 09 Nov 2021 19:44:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
cookiesyncendpoint
sync.aniview.com/ Frame 5786 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1636487087953-969955866463-007945-006-006089&biddername=42&key=YYrPrcS6NWwB4.GGZ9syEwAA%261148
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.247.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-247-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame 114A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/jpg
cs&eq_cc=1
um2.eqads.com/um/ Frame FAA9
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636487087953-969955866463-007945-006-006089%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
59175eae6dda16aab12baa85a749cacfbb101b99b79d993d1d9f5bbeba37b1a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 09 Nov 2021 19:44:48 GMT
pragma
no-cache

Redirect headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1636487088004&asid=6187a5a23223786bb66bb49e%2C6187a5a2beecd3492774a80b%2C60ebfe94ebe867570438e997%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0086 		368 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Tue, 09 Nov 2021 19:44:48 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B5CE 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Tue, 09 Nov 2021 19:44:48 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D64B 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Tue, 09 Nov 2021 19:44:48 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5E5D 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Tue, 09 Nov 2021 19:44:48 GMT
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame A86D 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
339881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0086 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 19:44:48 GMT
integrator.js
adservice.google.com/adsid/ Frame 0086 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 210E 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
339881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 5E5D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 19:44:48 GMT
integrator.js
adservice.google.com/adsid/ Frame 5E5D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 2E92 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
339881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D64B 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 19:44:49 GMT
integrator.js
adservice.google.com/adsid/ Frame D64B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame D996 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
339881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame B5CE 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 19:44:49 GMT
integrator.js
adservice.google.com/adsid/ Frame B5CE 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 19:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 512F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Nov 2021 20:18:40 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A5CD 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Nov 2021 20:18:40 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8718 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Nov 2021 20:18:40 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4E16 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Nov 2021 20:18:40 GMT
crum
dsum-sec.casalemedia.com/ Frame FAA9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=2ae9b382-84c5-4a42-ac05-a5992e88cf04&expiration=1644435888
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 19:44:48 GMT
371.json
id5-sync.com/g/v2/ 		213 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.34.104 , France, ASN16276 (OVH, FR),
Reverse DNS
p33.id5-sync.com
Software
/
Resource Hash
ac91da591ede161e3ded6592d6e3601ac9e71ee843adc2af51b578f1207a57a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Tue, 09 Nov 2021 19:44:12 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F15D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=35815
expires
Wed, 10 Nov 2021 05:41:44 GMT
date
Tue, 09 Nov 2021 19:44:49 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame DE41 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
09f4cd794177dfc5dede2a3c4fd6887dc5fd0dcef3b3bc01663d4ced7a78bd9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 09 Nov 2021 19:44:48 GMT
content-type
text/html
content-length
417
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame E5EE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 10 Nov 2021 19:44:50 GMT
Date
Tue, 09 Nov 2021 19:44:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame DE41
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7e5618a-cfb1-4a00-b776-f51e79e3ba93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7e5618a-cfb1-4a00-b776-f51e79e3ba93
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 09 Nov 2021 19:44:49 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7e5618a-cfb1-4a00-b776-f51e79e3ba93
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 19:44:48 GMT
sd
us-u.openx.net/w/1.0/ Frame DE41
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UrwzQQfraRFJvW5EB7smFVW6OBRJ6TtBVexZwBnH
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UrwzQQfraRFJvW5EB7smFVW6OBRJ6TtBVexZwBnH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UrwzQQfraRFJvW5EB7smFVW6OBRJ6TtBVexZwBnH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame DE41
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9215867005113022602
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9215867005113022602
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9215867005113022602
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame DE41 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=093d5180-0c09-770e-c7c5-706cd6c0632f&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DE41 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjU1MjgyNGEtYzU3ZS0yOWFhLWQyMjUtMmFkNTFjMjJhZDRm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DE41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIvgbdn9AlyihNIZdi1mgQs&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIvgbdn9AlyihNIZdi1mgQs&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIvgbdn9AlyihNIZdi1mgQs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E5EE 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:49 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3d71763a-1db0-40db-a8f0-7902383e90d3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A86D 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=490846271344353&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3721417804&sdk_apis=2%2C8&sid=8A809578-F96B-4F0C-BA1F-2C3813716F94&nel=0&eid=44737473%2C44752052&url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&dt=1636487088945&cookie_enabled=1&scor=505159880565437&ged=ve4_td1_tt0_pd1_la1000_er5674.321.5826.621_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5c63eaa53569b98cee60422f33638066f99b7350c36e95960a3acfb93882922b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
942
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 210E 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3851238775464193&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2758553450&sdk_apis=2%2C8&sid=D0EB89AA-B08C-490C-8388-F0D833FC0A52&nel=0&eid=21064201%2C44750822%2C668123729&url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&dt=1636487088962&cookie_enabled=1&scor=3652457837822539&ged=ve4_td1_tt0_pd1_la1000_er5674.321.5826.621_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2E92 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2507578143645902&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1166742729&sdk_apis=2%2C8&sid=48B3A0E5-5452-4867-B051-7550E883139F&nel=0&eid=40819805%2C44737473&url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&dt=1636487088968&cookie_enabled=1&scor=140309289544153&ged=ve4_td1_tt0_pd1_la1000_er5674.321.5826.621_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D996 		2 KB
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=1223380188905966&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2179158817&sdk_apis=2%2C8&sid=9B468B6E-9BF0-4273-96F4-CE609DD116E8&nel=0&eid=44725355%2C44751786&url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&dt=1636487088974&cookie_enabled=1&scor=194430999588279&ged=ve4_td1_tt0_pd1_la1000_er5674.321.5826.621_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
485bf181f2733a9c30b16f945e2500d6ae72b7b1aa22c98bddb28e664a88a6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
944
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A86D 		76 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fneighbors-build-home-for-veteran-hes-always-got-a-place-here%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=8A809578-F96B-4F0C-BA1F-2C3813716F94&adk=3721417804&cookie_enabled=1&correlator=490846271344353&dt=1636487089258&ged=ve4_td1_tt0_pd1_la1000_er5674.321.6057.1000_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&osd=2&scor=505159880565437&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vis=1&u_so=l&eid=44737473%2C44752052&hl=en&frm=0&sdki=44d&sdkv=h.3.488.0&sdr=1&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
07bf566e3bd2cf7dc41ff9d46ddabbe062a539f02e5940626101808e7c9f224a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16247
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A86D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvsi5r3b&c=4685335409421&slotId=2342667704710.5&qqid=CLWFpb2FjPQCFdGH_QcdqCYOGA&gqid=sc-KYeCBKaT_7_UPjr-TwAo&fb=ima_html5-lima&sdkv=h.3.488.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44737473%2C44752052&met.4=ghmsh_s.kvsi5rr1~ghmsh_s.kvsi5rr3&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=xLGaWm1lxOPpKkVd
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame A86D 		453 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:23:36 GMT
x-content-type-options
nosniff
age
1274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Nov 2021 20:13:36 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjwmQsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9C7DcTE1IW7JDKUcX5_001-ygA1YbsIFJbpxtSNQVE70WSLjBP0q62RMvQDP6wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOxCRzwYoNSLebIgAoDmAsByAsB0AsOuAwB2BMN0BUB4hYCCAGAFwE&sigh=o9Gcgp1UnRg&label=show_ad&acvw=&sdkv=h.3.488.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUh0QDyUAAGBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame A86D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cg0mMsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBCnlj2oCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHCEwYYqOm11APYEw3QFQHiFgIIAYAXAbIXHgocCAASFHB1Yi05NzkwNzYyODExMDU3Njk5GNHVEw&sigh=GT4qgjlEbzE&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vt=10&sdkv=h.3.488.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUh0QDyUAAGBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
hqdefault.jpg
i.ytimg.com/vi/q-8UJhCaKHk/ Frame A86D 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/q-8UJhCaKHk/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b9af024ba556e69b4c433211e6b22eadddf333dbc4e408a74f73a7bd0033479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:43:17 GMT
x-content-type-options
nosniff
age
93
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9676
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Nov 2021 21:43:17 GMT
AKedOLQBcshSfgU2QK30wNqNO_S2zsEJZT44PawvX-BWBw=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A86D 		777 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQBcshSfgU2QK30wNqNO_S2zsEJZT44PawvX-BWBw=s48-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ac7c7cf73211354b0ee802992e682a928983031a5611cb8acbefbac7042d6321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:59:51 GMT
x-content-type-options
nosniff
age
6299
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
777
x-xss-protection
0
server
fife
etag
"vdd5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Sep 2021 08:05:11 GMT
truncated
/ Frame A86D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0086 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=resistthemainstream.org&host=resistthemainstream.org&success=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0086 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvsi5qne&c=4685335409421&slotId=2342667704710.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A86D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.488.0&e=44737473%2C44752052&id=ima_html5&c=453806117776772&domain=resistthemainstream.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr4---sn-4g5ednsl.googlevideo.com/
Redirect Chain
  • https://rr4---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1636515889&ei=sc-KYcDfNpGmgAfonKqACw&ip=168.119.25.194&id=abef1426109a2879&itag=22&source=youtube&requiressl=yes&mh=TO&mm=31&mn=sn-4g5...
  • https://rr4---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1636515889&ei=sc-KYcDfNpGmgAfonKqACw&ip=168.119.25.194&id=abef1426109a2879&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&cti...
819 KB
820 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1636515889&ei=sc-KYcDfNpGmgAfonKqACw&ip=168.119.25.194&id=abef1426109a2879&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=14.071&lmt=1634957467751251&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOX9vWrJjDdMZcGNqTHkHMoMtpnbKapkgj2cCi48606qAiEApyqEI4A0JrAcQj-BoggXHBoFoZZx63XWvCRGuvHWxxw=&cpn=xLGaWm1lxOPpKkVd&redirect_counter=1&rm=sn-4g5e6z7z&req_id=adb69dbf93d336e2&cms_redirect=yes&ipbypass=yes&mh=TO&mip=2a01:4f8:a1:1a1:85::1&mm=31&mn=sn-4g5ednsl&ms=au&mt=1636486650&mv=u&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgFO0wOHdDHVYMuLilyrRF1Twow0RTFhASwuI6HZLvx8YCIQDRwPJDKXUsW7EiPicZX9UloWpFJZ-BHIU9rLfIebbpCg%3D%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:6a::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
bde10f0722cbb2385a8b1c788526bf3c537b253e66e4c26389f79c38875fd667
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 19:44:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Oct 2021 02:51:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-839042/839043
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
839043
Expires
Tue, 09 Nov 2021 19:44:50 GMT

Redirect headers

Date
Tue, 09 Nov 2021 19:44:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr4---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1636515889&ei=sc-KYcDfNpGmgAfonKqACw&ip=168.119.25.194&id=abef1426109a2879&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=14.071&lmt=1634957467751251&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOX9vWrJjDdMZcGNqTHkHMoMtpnbKapkgj2cCi48606qAiEApyqEI4A0JrAcQj-BoggXHBoFoZZx63XWvCRGuvHWxxw=&cpn=xLGaWm1lxOPpKkVd&redirect_counter=1&rm=sn-4g5e6z7z&req_id=adb69dbf93d336e2&cms_redirect=yes&ipbypass=yes&mh=TO&mip=2a01:4f8:a1:1a1:85::1&mm=31&mn=sn-4g5ednsl&ms=au&mt=1636486650&mv=u&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgFO0wOHdDHVYMuLilyrRF1Twow0RTFhASwuI6HZLvx8YCIQDRwPJDKXUsW7EiPicZX9UloWpFJZ-BHIU9rLfIebbpCg%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Tue, 09 Nov 2021 19:44:50 GMT
async_usersync
ib.adnxs.com/ Frame E5EE 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 19:44:50 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
04fd46a6-a4e3-4668-8594-a0199489bbf8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame A86D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvsi5rr7&c=4685335409421&slotId=2342667704710.5&qqid=CLWFpb2FjPQCFdGH_QcdqCYOGA&gqid=sc-KYeCBKaT_7_UPjr-TwAo&fb=ima_html5-lima&sdkv=h.3.488.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.kvsi5rr8~vss_tr.13j
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjwmQsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9C7DcTE1IW7JDKUcX5_001-ygA1YbsIFJbpxtSNQVE70WSLjBP0q62RMvQDP6wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOxCRzwYoNSLebIgAoDmAsByAsB0AsOuAwB2BMN0BUB4hYCCAGAFwE&sigh=o9Gcgp1UnRg&label=video_ad_loaded&acvw=&sdkv=h.3.488.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUh0QDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame A86D 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 10:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 04 Nov 2022 10:11:03 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame A86D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cg0mMsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBCnlj2oCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHCEwYYqOm11APYEw3QFQHiFgIIAYAXAbIXHgocCAASFHB1Yi05NzkwNzYyODExMDU3Njk5GNHVEw&sigh=GT4qgjlEbzE&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.488.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHjAisc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=Hc8bsLqHd_w&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D5674,321,6057,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14001%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487089912%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636487089646&sdkv=h.3.488.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IngJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A86D 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQuxKtyk3CnpWT6rQF_AgetQ7JdZhIuse2Vk0G9QKliT1VSQ4HsdMgwY4538WvQJyJ3BK9BShJvnFESrSlAEuTOJT8GQiirW_gERAEfq7WGSmgW6PhIO9Ry9v8kNBvbVMMlP_pKmO99Fqg&sai=AMfl-YQdNB7r836v0hL44n9-tDFbmqTmOj1C8DzyKI9r6OVT-tTCfpO1drQxHs6-t69G51b2NrE8NaINDH74fJEPdbCCW6g72KYsKZhqFJqELB_lbV3H9v_qmDk3zC_1&sig=Cg0ArKJSzF87AtqIZDGDEAE&cid=CAASF-Ro7aH-nsscYQi80xFLdOtyzJYalK3b&id=lidarv&acvw=sv%3D905%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D5674,321,6057,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14001%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487089914%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636487089646&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHjAisc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=Hc8bsLqHd_w&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D5674,321,6057,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D14001%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487089917%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636487089646&sdkv=h.3.488.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IngJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A86D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.488.0&e=44737473%2C44752052&id=ima_html5&c=453806117776772&domain=resistthemainstream.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHjAisc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=Hc8bsLqHd_w&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=admute&ad_mt=0&acvw=sv%3D905%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D5674,321,6057,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D25%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D25%26pst%3D-1%26dur%3D14001%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D25%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487089924%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636487089646&sdkv=h.3.488.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IngJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:50 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Tue, 09 Nov 2021 19:44:50 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&asid=6187a5a23223786bb66bb49e&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&h=f8596258adbf86535f8530214292558f75572d0b&d9=1000&ad=19&vi=0&ofpr=1.51622&imid=b9b777bbeecd23241049484f5e814807_1723163188_8188718&e=impression&cb=1636487087656&ad=19&vi=0&d4=1&d5=2&d1=vpaid&fv=3&cb=1636487087669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1636487089935&cid=6187a5a49268ad27da7716d8&VERSION=4.95.0&AV_PAGE_LOAD_UID=fe84b06b-268b-4505-9c40-a53a23288d29&AV_CDIM4=fe84b06b-268b-4505-9c40-a53a23288d29&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&asid=6187a5a23223786bb66bb49e&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&h=f8596258adbf86535f8530214292558f75572d0b&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=1.51622&imid=b9b777bbeecd23241049484f5e814807_1723163188_8188718&e=start&d1=vpaid&fv=3&cb=1636487087669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=604&iid=1156929&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%227e5e0af7-4195-11ec-8a9a-d094662c24f7%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Referral%22%2C%22ts%22%3A%22telegram%22%7D&t=0&c=64489&h=sAnAo_ChGmHfLUWwCRzq1aLG-0qkS11AQDfKwaEL4PdeLI8oGuCFqQGJt-pGwzHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ab989baab265c14-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 4EB0 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Tue, 09 Nov 2021 12:49:36 GMT
expires
Wed, 09 Nov 2022 12:49:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
24914
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js
pagead2.googlesyndication.com/bg/ Frame 4EB0 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 20:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
430026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13531
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 20:17:44 GMT
playback
s.youtube.com/api/stats/ Frame 2D53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44737473%2C44752052&el=adunit&cpn=xLGaWm1lxOPpKkVd&docid=q-8UJhCaKHk&ver=2&cmt=0.191&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fresistthemainstream.org%2F&len=14.002&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=95.0.4638.54&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=12&rtn=10
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c05::8a Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EB0 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.488.0&bgai=BpX_-sc-KYfXoKtGP9u8PqM24wAEAAAAAOAG6BRMIoJ6jvYWM9AIVpP-7CB2O3wSo&bg=!qqmlqe3NAAYDGbPvAxk7ACkAdvg8WofK_8HGRJQi6DcFP1l1CusND82w_9Zci-bEEZiJ_OVMg5zwxgIAAADEUgAAAbNoAQeZAoMnqRl3yjsPwwcHZjftnsJnDHtzVaF49RAg3FamCHuraaC3rJzI3FnEXU-cOut9ej1s4pmTBD9SV8-CTk50AlwY2l9_BYP1O1nOLPXaL6LPRG2vCAPq9NTyPHOocGPdiQNaxTfFyjobseBzP3t-hVfBa-_YBLY12zooQjmi_uCkgwsTrNT9vHEwiXLw7PCVfh62hnBv_UIr0K5vKAO6ydNwZxHzv331TKsYAPtCrwL5ZFw7yBt_KdVLsN1TLtM4B2qgbs3nSSr6n98iJgFJKMBdmBKP5skb6KYSXgYpg57J5PbtMGUrY8SPo125LZ2Rv5KDkT0OGBr8VThqLLq7t7QfaNqopzJjCPCJqv5vP5hqGAE8XroFLBESZOi0tLbMfbxOYF5rGitJqGcmvBJA0_7zBu4zBiAoL5w75oTOjYT4QWxKsakWbd03sajmOqCpxnTsYPf6ccvfly_PTDMmrI_TF3hSD1kkGinJ0TFh3l1ejTzmldIwiy6wU3VDXLpqHGX_PsTK3OsOweMd-oLK7C_BiibKQu8p2XHww3gFaDU9L6PAoouYEDBBUpCn_tdjVgTo3xNbA_h_a1c4_HsCrKMTVeGoYh26uOl63vliTA5DaYAC1Uj3gpSaTBlmhScCXJ0ZhXODc3nyOywWGMV3Dhaxgf9wS4DW2iDiFxudT417k76w5jg4TdtwGuqVrtQm2jpUoJ4kcqmhYhxpMGpFfOwGxt9ag6IxT5CdA3J3toh5fPdsjhJnWiMgthv-igkN_2FoPRjjYlVJyKE6qBBR2DE6DYzN9h2zUpKzjjNFYzZLY8lnwrbzugxijA8GuLCHCzKLjsTRGOp2XjCvRgbSBIdThZrO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 19:44:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&asid=6187a5a23223786bb66bb49e&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&h=f8596258adbf86535f8530214292558f75572d0b&d9=1000&ad=19&vi=0&ofpr=1.51622&imid=b9b777bbeecd23241049484f5e814807_1723163188_8188718&e=sec3&vi=0&d1=vpaid&fv=3&cb=1636487087669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHjAisc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=Hc8bsLqHd_w&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime25&ad_mt=3732&acvw=sv%3D905%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3786%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D643%26pst%3D493%26dur%3D14001%26vmtime%3D3732%26dvs%3D0%26dfvs%3D0%26dvpt%3D3761%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487093685%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636487089646&sdkv=h.3.488.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IngJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&asid=6187a5a23223786bb66bb49e&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&h=f8596258adbf86535f8530214292558f75572d0b&d9=1000&ad=19&vi=0&ofpr=1.51622&imid=b9b777bbeecd23241049484f5e814807_1723163188_8188718&e=firstQuartile&ad=19&vi=0&d1=vpaid&fv=3&cb=1636487087669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHjAisc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=Hc8bsLqHd_w&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=video_skip_shown&ad_mt=5231&acvw=sv%3D905%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26p0%3D5674,321,6057,1000%26p1%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5287%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D876%26pst%3D493%26dur%3D14001%26vmtime%3D5230%26is%3D18%26i0%3D18%26i1%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487095187%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636487089646&sdkv=h.3.488.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IngJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1636487097000&cid=6187a5a49268ad27da7716d8&VERSION=4.95.0&AV_PAGE_LOAD_UID=fe84b06b-268b-4505-9c40-a53a23288d29&AV_CDIM4=fe84b06b-268b-4505-9c40-a53a23288d29&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHjAisc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=Hc8bsLqHd_w&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime50&ad_mt=7233&acvw=sv%3D905%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7285%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1108%26pst%3D493%26dur%3D14001%26vmtime%3D7233%26dvs%3D0%26dfvs%3D0%26dvpt%3D3499%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26ic%3D512%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D33%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487097184%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636487089646&sdkv=h.3.488.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IngJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:44:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&asid=6187a5a23223786bb66bb49e&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&h=f8596258adbf86535f8530214292558f75572d0b&d9=1000&ad=19&vi=0&ofpr=1.51622&imid=b9b777bbeecd23241049484f5e814807_1723163188_8188718&e=midpoint&ad=19&vi=0&d1=vpaid&fv=3&cb=1636487087669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:44:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&asid=6187a5a23223786bb66bb49e&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&h=f8596258adbf86535f8530214292558f75572d0b&d9=1000&ad=19&vi=0&ofpr=1.51622&imid=b9b777bbeecd23241049484f5e814807_1723163188_8188718&e=sec10&vi=0&d1=vpaid&fv=3&cb=1636487087669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:45:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
aclk
www.googleadservices.com/pagead/ Frame A86D
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CjwmQsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOV...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C0OXCsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuif...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C0OXCsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9C7DcTE1IW7JDKUcX5_001-ygA1YbsIFJbpxtSNQVE70WSLjBP0q62RMvQDP6wAT3vPGw6gPgBAHABW6gBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOaCRpodHRwczovL3d3dy5mYXNoaW9uZXR0ZS5kZbEJHPBig1It5siACgOYCwHICwHQCw64DAHYEw3QFQHiFgIIAYAXAQ&num=1&client=ca-pub-9848746867798493&ctype=110&label=video_10s_engaged_view&ad_mt=10234&acvw=sv%3D905%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26p0%3D5674,321,6057,1000%26p1%3D5661,321,6044,1000%26p2%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10286%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1572%26pst%3D493%26dur%3D14001%26vmtime%3D10233%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26cs%3D4626%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D46%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487100185%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636487089646&cid=CAQSKQCNIrLMtFjFAZxCPgmLCIcTDxaWjn6RWkCh81Z6vDV61q8s3wiiovh_&dblrd=1&val=ChAyMjhkOWI0YTQ5Y2IwMDIzEK2fq4wGGgi6sPz7cknt0yABKAE&sig=AOD64_1EQCF_42kb2cl1LWjqLNODLak3Ng&adurl=https://www.fashionette.de%3Futm_targeting%3Dcustom_intent_brand%26utm_id%3D14859714714%26campaign%3DE_Display/DE_YouTube/DE_DE_YouTube_YTforAction
Protocol
H2
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:45:00 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C0OXCsc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBM0CT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9C7DcTE1IW7JDKUcX5_001-ygA1YbsIFJbpxtSNQVE70WSLjBP0q62RMvQDP6wAT3vPGw6gPgBAHABW6gBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOaCRpodHRwczovL3d3dy5mYXNoaW9uZXR0ZS5kZbEJHPBig1It5siACgOYCwHICwHQCw64DAHYEw3QFQHiFgIIAYAXAQ&num=1&client=ca-pub-9848746867798493&ctype=110&label=video_10s_engaged_view&ad_mt=10234&acvw=sv%3D905%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26p0%3D5674,321,6057,1000%26p1%3D5661,321,6044,1000%26p2%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10286%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1572%26pst%3D493%26dur%3D14001%26vmtime%3D10233%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26cs%3D4626%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D46%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487100185%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1636487089646&cid=CAQSKQCNIrLMtFjFAZxCPgmLCIcTDxaWjn6RWkCh81Z6vDV61q8s3wiiovh_&dblrd=1&val=ChAyMjhkOWI0YTQ5Y2IwMDIzEK2fq4wGGgi6sPz7cknt0yABKAE&sig=AOD64_1EQCF_42kb2cl1LWjqLNODLak3Ng&adurl=https://www.fashionette.de%3Futm_targeting%3Dcustom_intent_brand%26utm_id%3D14859714714%26campaign%3DE_Display/DE_YouTube/DE_DE_YouTube_YTforAction
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame 92AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.234&rtn=14.002&ns=yt&fexp=44737473%2C44752052&el=adunit&cpn=xLGaWm1lxOPpKkVd&docid=q-8UJhCaKHk&ver=2&cmt=10.234&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fresistthemainstream.org%2F&len=14.002&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=95.0.4638.54&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c05::8a Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A86D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHjAisc-KYfXoKtGP9u8PqM24wAHd4uejZsT7kIuUD7CQHxABILmNjihglYKAgJgHoAGo6bXUA8gBBakCjCB9w9N0sz7gAgCoAwGYBACqBMoCT9D3vMqR0k-cZSYiVjCClEquFKK98GUiuifWqOVGp7E8cFz4RM990piYIeKbmuuv7TIs4YHdHGcjCB7f-c8Kxh-XPD9ju0YsKiAVQbb5BSTFsN7cEjtWJjSjtYyJbm7OtUNUu_eeWlV60IthTO0JRHN2budAB8SSRiu-nax8UVrgCx2AvsU4dMnVLyNN_aCoatiFWV4A7wRuS2fD8dR8jRlZ5ETp-Y69pG1gkbJSFFLPHOTcT84CDtu7byKAkSmlDJKVXPx-1MJanQeqoyIo5FqkYqFkmhvwghSaC0wzwXetbfzoW5V-Zav0gp6GdfJOanECyrYMjWmVmzKRUSulOVls-hirOrDbCoswJXJmhET_FqdDQxY--EA0_qvjs6N9U7Fuod7yFSDrgaY_fxx0ZF7Sv8wGrovkZLJ1inC_YQGG-KztJ-A3IDu3wAT3vPGw6gPgBAGgBlSAB9OVjDOoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0NzYwOTU2ODE3OTU4NzOACgPICwHYEw3QFQHiFgIIAYAXAQ&sigh=Hc8bsLqHd_w&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime75&ad_mt=10734&acvw=sv%3D905%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D5661,321,6044,1000%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10785%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1805%26pst%3D493%26dur%3D14001%26vmtime%3D10733%26dvs%3D0%26dfvs%3D0%26dvpt%3D3500%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26i3%3D18%26ic%3D0%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D906%26femvt%3D0%26emc%3D48%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D356862655%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1636487100684%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1636487089646&sdkv=h.3.488.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMDc4ODEzMTI2ODIMNTUzOTcwMDA5NDA0QLwCUiAQDyUAAJhBKAE6B3Vua25vd25CB3Vua25vd25IngJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 19:45:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=62080&t=1636487087&cip=168.119.25.194&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636487087953-969955866463-007945-006-006089&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.85&cb=97020532666&cd4=fe84b06b-268b-4505-9c40-a53a23288d29&cd5=default&cd1=4.95.0&d9=1000&d37=realtime1&AV_WIDTH=679&AV_HEIGHT=383&asid=6187a5a23223786bb66bb49e&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&h=f8596258adbf86535f8530214292558f75572d0b&d9=1000&ad=19&vi=0&ofpr=1.51622&imid=b9b777bbeecd23241049484f5e814807_1723163188_8188718&e=thirdQuartile&ad=19&vi=0&d1=vpaid&fv=3&cb=1636487087669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.82.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-82-211.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:45:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer string| jnews_ajax_url function| _0x3b44 function| _0x25f7b7 function| _0x4379 object| jnews object| jnewsDataStorage object| google_tag_manager object| google_tag_data object| gaGlobal object| _wpemojiSettings object| PDFObject undefined| $ function| jQuery number| infolinks_pid number| infolinks_wsid object| $iceboot object| INFOLINKS object| ldAdInit number| HYVOR_TALK_WEBSITE object| HYVOR_TALK_CONFIG object| twemoji object| wp string| HYVOR_TALK_DOMAIN object| jnews_module_40650_0_618a8853508d8 object| jfla boolean| jQueryScriptOutputted function| initJQuery object| addComment function| EvEmitter function| imagesLoaded object| jnewsoption object| lazySizesConfig object| lazySizes function| Waypoint object| html5 object| Modernizr object| tve_dash_front object| TVE_Dash object| jnews_select_share boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| tcb_post_lists object| TL_Const object| hyvorTalkCommentCount object| omapi_data function| _typeof object| $ice object| $infolinks function| onYouTubeIframeAPIReady number| progressTimer object| _ldAdIdMap object| _mgIntExchangeNews object| MarketGidInfC1149360 function| MarketGidCContextBlock1149360 function| MarketGidCMainBlock1149360 function| MarketGidCInternalExchangeBlock1149360 function| MarketGidCRejectBlock1149360 function| MarketGidCCriteoBlock1149360 function| MarketGidCInternalExchangeLoggerBlock1149360 function| MarketGidCObserverBlock1149360 function| MarketGidCSendDimensionsBlock1149360 function| MarketGidCRtbBlock1149360 function| MarketGidCContentPreviewBlock1149360 function| MarketGidCResponsiveBlock1149360 boolean| mg_loaded_720235_1149360 object| MarketGidInfC1156929 function| MarketGidCContextBlock1156929 function| MarketGidCMainBlock1156929 function| MarketGidCInternalExchangeBlock1156929 function| MarketGidCRejectBlock1156929 function| MarketGidCCriteoBlock1156929 function| MarketGidCInternalExchangeLoggerBlock1156929 function| MarketGidCObserverBlock1156929 function| MarketGidCSendDimensionsBlock1156929 function| MarketGidCRtbBlock1156929 function| MarketGidCDiscountBlock1156929 function| MarketGidCContentPreviewBlock1156929 boolean| mg_loaded_720235_1156929 function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| onClickExcludes function| mgReject1149360 function| mgLoadAds1149360_0bcd5 function| MarketGidCReject1149360 function| MarketGidLoadGoods1149360_0bcd5 function| mgReject1169315 function| mgLoadAds1169315_0bcd5 function| MarketGidCReject1169315 function| MarketGidLoadGoods1169315_0bcd5 function| mgReject1156929 function| mgLoadAds1156929_072e1 function| MarketGidCReject1156929 function| MarketGidLoadGoods1156929_072e1 function| mgReject1209713 function| mgLoadAds1209713_072e1 function| MarketGidCReject1209713 function| MarketGidLoadGoods1209713_072e1 function| mgReject1225368 function| mgLoadAds1225368_072e1 function| MarketGidCReject1225368 function| MarketGidLoadGoods1225368_072e1 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint720235 string| _mgPvid boolean| _mgPageView720235 function| LoadCriteoAllPlaces1149360_0bcd5 boolean| i.js.loaded boolean| i-noref.js.loaded function| _mgLib1_11_55 function| _mgwqp function| LoadCriteoAllPlaces1156929_072e1 object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| __EXCO string| pbPageIdentifier function| Hls function| av_sciv_hndlr1636487087232 object| storageAni number| google_global_correlator object| closure_lm_564566 object| closure_lm_503971 object| closure_lm_875647 object| closure_lm_469519

105 Cookies

Domain/Path Name / Value
resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here Name: quads_browser_width
Value: 1600
resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here Name: logglytrackingsession
Value: 0710f0e7-367d-49ac-a9c7-24ac65f0a836
resistthemainstream.org/neighbors-build-home-for-veteran-hes-always-got-a-place-here Name: exco-uid
Value: oht7ziip36rgs4b9
.admixer.net/bs Name: am-uid
Value: 1e7b8de28b4046068817427fc0255023
.resistthemainstream.org/ Name: _ga_MHSJPPB6JE
Value: GS1.1.1636487084.1.0.1636487084.0
.mgid.com/ Name: __cf_bm
Value: 81M9JTSeC7otDbtZEecz3RcrTdyoCkflwto0d9ceGN8-1636487084-0-Af4L6+SJLNAVKikLyPzMOF7k181giaEueUAT6m2BcqTb8hLBEBG2W+Wf8kRaWGOS2aJtpe6emTPFuyZyStjn2p0=
talk.hyvor.com/ Name: talksess
Value: Etw30Xr6rLyHYPugDfq1YQG3ziKtmoe35fKAN15f
.youtube.com/ Name: YSC
Value: UUSP2628Erg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: SwL9HGiz9GE
.resistthemainstream.org/ Name: paywall_product
Value: false
.resistthemainstream.org/ Name: _ga
Value: GA1.2.1403804126.1636487084
.resistthemainstream.org/ Name: _gid
Value: GA1.2.270276069.1636487085
.resistthemainstream.org/ Name: _gat
Value: 1
.openx.net/ Name: i
Value: da916ed9-a58e-48f9-9d13-b884b2e750d2|1636487085
.yahoo.com/ Name: A3
Value: d=AQABBK3PimECEILvtvtCb48wQB3NqzhKW_4FEgEBAQEhjGGUYQAAAAAA_eMAAA&S=AQAAAnxmNJFuVNQR6CR2apr_IoE
.advertising.com/ Name: APID
Value: UP7d9cc005-4195-11ec-a70d-023bda41e5d8
.casalemedia.com/ Name: CMID
Value: YYrPrcS6NWwB4.GGZ9syEwAA
.casalemedia.com/ Name: CMPS
Value: 5206
.pubmatic.com/ Name: SyncRTB3
Value: 1637625600%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 97704061-BE79-44EE-9ECE-659A6ED5BC5D
.analytics.yahoo.com/ Name: IDSYNC
Value: "192u~21fv:18xp~21fv"
.yahoo.com/ Name: APID
Value: UP7d9cc005-4195-11ec-a70d-023bda41e5d8
.yahoo.com/ Name: APIDTS
Value: 1636487085
.casalemedia.com/ Name: CMPRO
Value: 1148
.adnxs.com/ Name: uuid2
Value: 8715120259450762151
.adsrvr.org/ Name: TDID
Value: 829dc61b-75e2-4641-ab0e-9d90e553c4f5
.doubleclick.net/ Name: IDE
Value: AHWqTUlOCRk0S2IoFvXk5khLrGIpL0_gadEmtsrYsHZU7TdAwCLxzo-1AOwDFchLm-k
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-sqa6tdtE2uFduENxn935Tvsrpl3hxqOlDE2pu9o-~A
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-0TT_8GhE2uHRXGudf4nMVnX8CelY0UDS~A~UP7d9cc005-4195-11ec-a70d-023bda41e5d8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003%22%7D
.infolinks.com/ Name: ANUSERCOOKIE
Value: 8715120259450762151
.pubmatic.com/ Name: PUBMDCID
Value: 3
.cpx.to/ Name: cpSess
Value: 6c2c80e5729d7a0b
.cpx.to/ Name: dsp_app_nexus
Value: 7486723602587192148#1636487085661
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYrPrQADUMF0rQBR
.pubmatic.com/ Name: pi
Value: 156872:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003%22%7D
.infolinks.com/ Name: OXUSERCOOKIE
Value: 22aa7311-1fdd-4082-860a-479e2e67c6ba
.lijit.com/ Name: ljt_reader
Value: ceb5c834dfe1b9a51eaeaa46
.tynt.com/ Name: uid
Value: gKyCTWGKz60GjxGfOIiEhQ==
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjIyMDYztDQ1N7EwNjcwNRLiM9RNDzTwDTPKLwxNcjSX4jU0MzYzsTA3sDA1NzcEAKY-83I0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslzmtoZmxmYmFuYGFqbm4EAMBD1q0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjIyMDYztDQ1N7EwNjcwNRLiM9RNDzTwDTPKLwxNcjQHAEa_l9klAAAA
.infolinks.com/ Name: IXUSERCOOKIE
Value: YYrPrcS6NWwB4.GGZ9syEwAA&1148
.bnmla.com/ Name: rx_sspurl_1000361
Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3Dc026e4a1-7779-4c70-9c15-ee773d2b9f40
.bnmla.com/ Name: rx_uuid
Value: c026e4a1-7779-4c70-9c15-ee773d2b9f40
.bnmla.com/ Name: rx_maxage_1000361
Value: 1637783085
.bnmla.com/ Name: rx_sspid_1000361
Value: 6
.lockerdome.com/ Name: account_id
Value: 14549192924172800
.lockerdome.com/ Name: ldrid
Value: bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 97704061-BE79-44EE-9ECE-659A6ED5BC5D
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-8e9b59cb-5d9e-46b9-8d7a-f57443c3cdc8-003
.infolinks.com/ Name: KADUSERCOOKIE
Value: 97704061-BE79-44EE-9ECE-659A6ED5BC5D~1636487172229
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 5132203619574837052
.lockerdome.com/ Name: login_token
Value: %2214549192924172800%7C1644263085732%3A%7Call%7CHZQKG7w2gM8NFwM7SPOpcAsGZSnxOCWdqDgqwz5imW%2ByJPYRwDHj6Z%2FsiUCLc4%2F%2F%2FuLDQu4%2Fv3gABRyyc6DqMw%3D%3D%22
.simpli.fi/ Name: suid
Value: A5CEF7FA56F544E98FB642E74E0F0EF9
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: ""
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: ceb5c834dfe1b9a51eaeaa46
.infolinks.com/ Name: ENBDSERCOOKIE
Value: c026e4a1-7779-4c70-9c15-ee773d2b9f40
.mgid.com/ Name: muidn
Value: la9K1hCMoiIb
servicer.mgid.com/ Name: __mglb
Value: 2b804be0d04e992ad0d5ca78c8f32d46
resistthemainstream.org/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1149360%22%3A%7B%22page%22%3A1%2C%22time%22%3A1636487086425%7D%2C%22C1156929%22%3A%7B%22page%22%3A1%2C%22time%22%3A1636487086450%7D%7D
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjmmvrdg_GROhAFOAFaB29tbjY3aGxgAg..
.bidswitch.net/ Name: c
Value: 1636487087
.bidswitch.net/ Name: tuuid_lu
Value: 1636487087
.bidswitch.net/ Name: tuuid
Value: da751ef1-849a-44f2-b3b1-9e5a0b4123c9
.creativecdn.com/ Name: u
Value: 2DrW8XdawHHLj064BBlh
.creativecdn.com/ Name: ts
Value: 1636487087
.zeotap.com/ Name: zc
Value: 58e0b025-e909-4fb6-634a-f3afb5503894
.e-volution.ai/ Name: v_usr
Value: 78ee9af5-574c-41ce-8bb8-fb4725d9ac30
.lentainform.com/ Name: muidn
Value: la9K1hCMoiIb
.idealmedia.io/ Name: muidn
Value: la9K1hCMoiIb
.360yield.com/ Name: tuuid
Value: cb75f8b7-970d-4964-bd4a-bb74b725adcd
.360yield.com/ Name: tuuid_lu
Value: 1636487087
.smartadserver.com/ Name: pid
Value: 7452029736419221580
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_ad26592d-3ee5-4f30-a15d-3c2492e35fc7
.mfadsrvr.com/ Name: tuuid
Value: e1545b45-085f-47f0-9da0-a15a806634d4
.mfadsrvr.com/ Name: c
Value: 1636487087
.mfadsrvr.com/ Name: tuuid_lu
Value: 1636487087
.mfadsrvr.com/ Name: ssh
Value: !mgid,1636487087
cm.mgid.com/ Name: mg_sync
Value: {"287839":1636487087,"371158":1636487087,"433145":1636487087,"501037":1636487087,"665953":1636487087}
.aniview.com/ Name: aniC
Value: 1636487087953-969955866463-007945-006-006089
.casalemedia.com/ Name: CMST
Value: YYrPrWGKz7AA
resistthemainstream.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 315da9659a70c90f70842aa49862c2db
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDY0TUm0NDO1TDQ3SLY0SDM3sDAxSkw0sbQwM0o2SkliAILErvMbQDQUAABNFArv"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7Dq%2FAUhBAQAdpgJr"
.bidr.io/ Name: bito
Value: AAB-Jk7DFZ8AACgHAOtsSg
.bidr.io/ Name: bitoIsSecure
Value: ok
beacon.lynx.cognitivlabs.com/ Name: UID
Value: ca96e80e-2594-4a58-93ca-ae42ab4255a5
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 27%2F380D5BLmJM92cZqIH11nES2qEV44mQ92aJjvAsXP9T5%2Bw4W79q%2FPomXaX27n4GxY7K%2FRkNH7JGEa%2FjKnryg%3D%3D
.eqads.com/ Name: EQUser
Value: UID=2ae9b382-84c5-4a42-ac05-a5992e88cf04
.aniview.com/ Name: 2_C_42
Value: YYrPrcS6NWwB4.GGZ9syEwAA&1148
sync.aniview.com/ Name: 2_C_42
Value: YYrPrcS6NWwB4.GGZ9syEwAA&1148
.turn.com/ Name: uid
Value: 8369973947737466976
.casalemedia.com/ Name: CMRUM3
Value: f1618acfad05a0&2d618acfad2760CAESEGn-rb_K1ovgXgLOmNNLI1E&04618acfb005a0&27618acfad0b40&82618acfb02760AAB-Jk7DFZ8AACgHAOtsSg&28618acfb027602ae9b382-84c5-4a42-ac05-a5992e88cf04&29618acfad05a0&dd618acfb02760&e6618acfad2760&bf618acfad05a0&2e618acfb005a0&08618acfb02760ca96e80e-2594-4a58-93ca-ae42ab4255a5&58618acfad2760YYrPrQADUMF0rQBR&49618acfb005a0&c4618acfb005a0
.openx.net/ Name: pd
Value: v2|1636487088|gekin0vNiygu
.quantserve.com/ Name: d
Value: EPkBDAHXJIqsMA
.quantserve.com/ Name: mc
Value: 618acfb1-0edc6-51734-d0a1a
.mathtag.com/ Name: uuid
Value: c7e5618a-cfb1-4a00-b776-f51e79e3ba93
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 9215867005113022602
.resistthemainstream.org/ Name: __gads
Value: ID=a5a2744194620fcd:T=1636487089:S=ALNI_MaZcai5zEDRj8Ljq27nwOtMHBcIrA

2 Console Messages

Source Level URL
Text
network error URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
ap.lijit.com
atrack.avplayer.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
c.mgid.com
c1.adform.net
cdn.mgid.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
csi.gstatic.com
de.tynt.com
dmp.brand-display.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
jsc.mgid.com
lockerdome.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
mcd.ex.co
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
playbuzzltd-d.openx.net
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
premiumsrv.aniview.com
prg.smartadserver.com
pubads.g.doubleclick.net
resistthemainstream.org
resources.infolinks.com
router.infolinks.com
rr4---sn-4g5ednsl.googlevideo.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.cpx.to
s.youtube.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.e-volution.ai
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
talk.hyvor.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
video-native.mgid.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
www9.smartadserver.com
x.bidswitch.net
yt3.ggpht.com
sync.adtelligent.com
104.154.142.214
104.16.199.73
104.19.133.78
104.19.136.78
104.19.216.61
109.206.161.21
141.95.34.104
142.250.185.130
142.250.185.98
142.250.186.98
15.197.193.217
151.101.130.132
151.101.130.49
169.50.137.182
172.66.41.9
174.137.133.49
178.162.133.149
18.210.180.232
18.213.10.151
18.235.247.154
185.184.8.65
185.29.134.248
185.33.220.100
185.33.221.50
185.64.189.110
185.64.189.112
185.86.137.17
185.86.137.32
185.86.139.94
193.0.160.129
198.47.127.18
198.47.127.19
198.47.127.20
2.16.186.146
2.18.232.130
2.18.233.180
2.18.234.21
204.62.13.72
208.100.17.176
213.19.147.45
216.52.2.30
23.37.42.132
2600:9000:21f3:9400:a:cbb7:a940:93a1
2600:9000:21f3:c00:b:6268:b880:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:fe6
2606:4700:20::ac43:442c
2620:112:f000:bbbb::11
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:6a::9
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:828::2016
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:400c:c02::9b
2a00:1450:400c:c06::5e
2a00:1450:4013:c05::8a
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:bb91
2a03:90c0:41:2801::254
2a05:d018:d29:3602:c036:7711:2b3c:f287
2a06:8640:506:0:ec4:7aff:fec2:7e6e
3.120.169.248
3.126.56.137
35.157.177.200
35.212.212.222
35.241.40.233
35.244.159.8
37.157.2.234
38.27.122.158
51.178.20.140
51.89.9.254
52.16.241.140
52.17.84.146
52.19.63.112
52.46.133.124
52.49.238.187
52.57.216.146
52.6.82.211
52.73.58.55
54.88.209.254
64.74.236.31
67.202.105.32
69.173.144.139
69.173.144.165
72.251.241.206
89.187.169.47
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
02ba7dde63b05ebdf61208cba2cf4c7016d04efe8b8dd37baccb21bba67b8a48
02d0c8337f4b966f1bd06def9e350e6bace09705309c705f1607e6c07f47a444
03ad28563e42297fd7302ed4e9ad0607f585529796c6dcd385d13cac28f3b59e
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694
07bf566e3bd2cf7dc41ff9d46ddabbe062a539f02e5940626101808e7c9f224a
09f4cd794177dfc5dede2a3c4fd6887dc5fd0dcef3b3bc01663d4ced7a78bd9d
0ab06d7e8d1dd529af76a35c34a50d95c176ac39254bc527a99d992a91e8581d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0ffce189be6667dd198e8dcd72882b51623c6bcb6dbd22c893e6ff79556268e2
1144fef04ea6454a232e68f9d9ddf6396c35fb84852cba4ec03212b8ffaa37fa
127d7e1b93a56a36cf4cf99973327f49fe7e06988bfb00faf58491e72fc5072d
12b9862d60f3cc4c8baacbd512ae0c69be241c43d901a81fbeaa72280dfc2cfb
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
19754713ec9a4431d4b151e208a8c36f551d0f0d6995eea551f359c89c667604
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1c2b4cf527036603abbb279a96cc0b6f55ddb03768f8b91adfc5d0fb0839866f
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
258b791b772aa8287ba9115550989752843c5620c48c2fa5b5a22cb05795c976
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
266844a1a1238cf7697d587b642e3467ee74913da9f37eaaddcfaba2f6f9e9c1
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28d5d506cd6db74fc8eddeb84bdeec105506da31316534d4a6528096c76d0b9c
2a26bf140c5e2c534f84e4f7d429f088195248def4d85eaebc82dd160c8e01a8
2a279d992c6bf8113e7080b7ed759204634ab0f9743f7204b3a33b5f8c448521
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5a972210d1abbf742a391b84bca63c4f7de5b560947229f10f60e0905d9eef
2d556fac2b9313addb39b4aec1de4f85a7f833286ed0a9114e4ea6038c716bf9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30389cf8a9540caad65157f94347a01b77a96327398ff615be1a6cc346473553
3172175aefb31f188e745a52fa0691ca5f3cebc70c9752500fbdf3f3289a0268
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
34a014a4fafbb190c8cbfb28402e7061dbc8acaae13875380417274a5eba748a
3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e
3774f691ed0274da1e1008fc725883135156d1ca5aa147cc99bdb8384cb4720f
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38153cf8c4070d228b3be3409fcb214b7fbe44dc51bbd1f2cc2a0d180d068252
382c281fe526f9ddda3571836edf3f1197f2a21eeeb0decb902f59e43960f5f9
383e12aa8e73a3caad8110f21c7f91e0d3937724c566b05545549bfb3f69a5cd
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4076f5e13933b6903147a331c4be1ca804719c904723683449124e2307cdb8e3
40c03692521e713a479574cbbb0a40efe24e9ab0891e4c4541d90ada1f00241b
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
443ae740fe8356c17d751a26eadec94e0ffce6ebe1de5f28b6cc822906731b83
4614431a683f0bab6ac324c5fc539a6d7e39df632ad84f076338c81a44bbec83
47aedfb3cf86b485cbdef1c33f75a5a396dc41cdaed29f60dbbc1f12ab8e118e
485bf181f2733a9c30b16f945e2500d6ae72b7b1aa22c98bddb28e664a88a6e8
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491ce1d6e74f626c25e8c84b9a4d943f2de6415d883217772b13121ace463908
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b20dd203381763191766e1db240a36f0e706bfa2cc72bb9413554113a52a969
4c72b5ac0bd91bb0f2829e32ff6632e83a15b43349f90e2ea142bb09edbfc103
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f32ac2511342c594ace4f424ba73914cdcd3f1ea230b220f55fd9dcab152287
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
537a6cca9daace7691f81c208397130ae3ee16f161d10f362acd9066fd521f17
539215a62c4691bef106556dffea082d138c9e5b1a6de672fb608173f5bbba58
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b4b1579f0eececaabe7d686b4e5a1e175399e382b491aeeec46f5eeb3c7f22
5769b737dc242169810e6d289a9670e624333aed29c58f8109947c76a2d1eb52
59175eae6dda16aab12baa85a749cacfbb101b99b79d993d1d9f5bbeba37b1a3
5c63eaa53569b98cee60422f33638066f99b7350c36e95960a3acfb93882922b
5e70e0d2c49913cfed151d2a714b5c39ed5683ede70ac5cd8ec4c74847153dde
5fda95717e02b994ed0a9f6372c57455dc035787c60e3e0cd9f2267dc4248650
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
647b87d58e9133ffbe643b3e8c22d5f172c903e2f97d487a386a8a559269eec0
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461
67e25e13e7a70ae3b5005091cb502dfb82094b7c10c6f9d60933be8d57e6bd77
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
67f5be4418a1d8b2bdc5a6c9a3106fecb60845f48e93bbac12c4e8d39931eacf
6c81689405cf661b35d10021c14f1f82e4bd8a7992d584041333de46b50cdfe7
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469
6faa9082282e075a073e7ea8758e2ffd548a8f41c92dd12af560d9843b8f11eb
71ebaa7b30e6256d69d1da136962215a233d0535e2dc67ce3315e59852e5f576
729bcb86c221341eabada36af1f02ddbb430bccbb5fb908315365d386c0bfaba
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79f0d0b222386bf59c21e0c65ec1d31c824d083f89af7ef7398c1f53ad73f4db
7d3371bd729363b1abb579de6b0e38024c587ee74c7345ae4da5d0652d9c422d
7eba5f41d59aefb5990b99a781e0dbdfff7ae1d6987dcb5b18e12fde3629f262
7ff97ab0efeda7d8cc7a3d69cb59a6555696ab41056b9429e633547f6abd827f
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8382434e26c73097635a1a2b7216b0c181f5d0389cea68445140bd269643b8f8
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8a2e395f34e6bd7ba0ea11cf17ed3d460d106aa2833db04468b8e6cda3c915a1
8af22b89a05bd7f477b756f8c1e8260d22a58238db166a186f70e56612e1442d
8b2d291c92912d48fa031a1bce3173abe49480136cafdf46ffe0d284d348a664
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f467b5044a62ab0f14bb30db370369059a4887d7943929f46047c030b4063db
910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77
916e37d5d659698d98b2e8b0d63151cb142d85b3e35654754ff0a2df524a7a14
9576ab47d39dbaa78e8c32b6b526fd1ad8bd8c94a266a338a6d4f0627e8b4eda
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9b9af024ba556e69b4c433211e6b22eadddf333dbc4e408a74f73a7bd0033479
9c71ae3a49529728b30e197f67994238ca0a11ce81067f4cd710f540996592cb
9eb0966044e1a32b51fcd3d2f2cb7dc9d2ca0c865ab20c5001f87510791387e9
9fc519133e1c703b9f5cc7b99cd914176144def0e7bc952316873b9f0ab67ea8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3ea8fc6de15e6d5c742fdff859f03204770551a52a68d07746065c777b38c66
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac73a7f9daed796ceb0e793a9a91ca66cb6ed6fb1a6278bc18731a0a47c3c248
ac7c7cf73211354b0ee802992e682a928983031a5611cb8acbefbac7042d6321
ac91da591ede161e3ded6592d6e3601ac9e71ee843adc2af51b578f1207a57a0
ae355cf9fdd00f6dec3384d157e7d357bdf485d091b6fe4449b39ea72f755c4c
af0c7c25caef0e233eb44cfad098187f30f3ffa47192f4dd74cc2d85d09551f5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6151af5b41cd0187b28ad2a3c1e38fc45b77ffa45b3311bc2124676ce3b638d
ba5c76416393c71ade7a227be7fecb9baeb5b4717dd1123cf889039a2e3965fe
bab224676b71e78a84acbe69453c7bfd781dfba0b0208626e3da67e65420114f
bbc08b676d54c8f448b423f9f8295962fabafe7dbe9be4e1db772497ec1cfc9b
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6
bde10f0722cbb2385a8b1c788526bf3c537b253e66e4c26389f79c38875fd667
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3508051126ffa97486178f29ba4cb0e214c9c8a02f438815caae6b001b9b388
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae
c9a8b8dab442da8e42788f7d1e5b798740e63906533ae6e6272db263f548901f
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d26c45109ef0ca4d83ea062736e9e49b425314dddc45838f8ba38436b899e88c
d5e866d279f5a0b4355d74744a1ad67a38b56c5db333f42bccfe4a629e40af3e
d6cd8136686f5a083c0dc7b3a015283b816116c54b5d6894dc0eb037b27480a1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8206c819c8442478039f7aa4047edd4854ca974d0e78a0eaa32f9345aad60e9
d907a8b694cc2ee1cd08e22755ed1e82cd6fa52aa3b27c86e77baa1722021d35
de381ba3aba2766bb339e998e98334f114ad3d3e29caa35a43eedb1020f2e201
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41228f75e7af5561506570c87ca458db9e259d640c286e2cb5619092d18e395
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e66f4ba3c4ee502f6bb641aafbd1a81e23b5519449628dd068c34b5ee2c7f6b9
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eacd8e83c92b18bdcfb532aacc84f5c7aaa8b1a615661036b2dbc67fe9aa69fd
ec228f23153d19171244306afc91badad9085e1317fa0c1519e949b1a0cf777c
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2a60bab3f8b2c45c707485818cde9a744b5666600bc8acca0b81240d52af08
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0654f5adf8f95316c662233c3c9503790ea953a19acb31256946d0f0d0e6868
f11acfb89e757aa221d8831f30834c811683ac36c7cb73d9ea6b223cd348fe37
f12e2c2b8ca7f85c66a6eede4913c4347cf3a728e5492e30074a8a291e388c76
f376a59da81ecbd9c461d913158d617e3875ad5f8f28c2518f6f326ecc621b67
f3bed13a6a736e4225ec184bb4a9b1a4779220a451c13db8c4689473128c33a2
f4e652657db6751606fa5ca57e4e8e05e7ef418c78ac7bc7b36cfc61dd0ef8b6
f52733ad0523c74ce6129fcff09c9463aa9185dc75f1dc829d6d6f87f29906cd
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f
f931a3bb0e4c391b26c47d537e88ce54c75b90d7b288b05f138b09c56063041b
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc749fb959924e8a6b0a677cf184b52f09852bc5ab537ce6e2617995e394bfc2
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869