thetruedefender.com Open in urlscan Pro
2606:4700:20::681a:842 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Submission: On November 03 via api (November 3rd 2021, 3:46:14 am UTC) from US — Scanned from DE

Summary HTTP 465 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 84 IPs in 11 countries across 85 domains to perform 465 HTTP transactions. The main IP is 2606:4700:20::681a:842, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2021. Valid for: a year.

This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:20:... 2606:4700:20::681a:842	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:de00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:a200:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
5	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:10:... 2606:4700:10::ac43:264e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.35.253.128 13.35.253.128	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2600:9000:205... 2600:9000:2057:d800:b:6268:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:1800:a:cbb7:a940:93a1	16509 (AMAZON-02) (AMAZON-02)
9	95.216.186.40 95.216.186.40	24940 (HETZNER-AS) (HETZNER-AS)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
21	149.154.164.24 149.154.164.24	62041 (TELEGRAM) (TELEGRAM)
4	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 35	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
5	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
10	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
10 30	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
5	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
5 59	2606:4700:10:... 2606:4700:10::ac43:2ac6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
17	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
15	2600:9000:205... 2600:9000:2057:6a00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5 5	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
10	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 12	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	145.239.2.103 145.239.2.103	16276 (OVH) (OVH)
2 6	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.85.15.31 185.85.15.31	200107 (KL-EXT) (KL-EXT)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
5	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
22 23	18.196.195.54 18.196.195.54	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.235.66 52.214.235.66	16509 (AMAZON-02) (AMAZON-02)
1	54.37.103.83 54.37.103.83	16276 (OVH) (OVH)
2 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
8 8	193.232.150.45 193.232.150.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
17 17	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
11 11	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
17 17	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	157.90.157.235 157.90.157.235	24940 (HETZNER-AS) (HETZNER-AS)
4	151.236.71.146 151.236.71.146	204720 (CDNETWORKS) (CDNETWORKS)
5 5	18.184.122.71 18.184.122.71	16509 (AMAZON-02) (AMAZON-02)
10	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
9 9	18.159.140.98 18.159.140.98	16509 (AMAZON-02) (AMAZON-02)
14 14	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
5	146.20.132.120 146.20.132.120	27357 (RACKSPACE) (RACKSPACE)
4 9	51.75.146.199 51.75.146.199	16276 (OVH) (OVH)
15 17	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
10 15	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
10 35	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
5 10	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
24 24	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 4	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
2	2a05:d018:d29... 2a05:d018:d29:3605:6798:75ff:a274:9693	16509 (AMAZON-02) (AMAZON-02)
2 4	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1	52.16.214.249 52.16.214.249	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.235.172.182 18.235.172.182	14618 (AMAZON-AES) (AMAZON-AES)
1	35.171.36.131 35.171.36.131	14618 (AMAZON-AES) (AMAZON-AES)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	18.197.87.177 18.197.87.177	16509 (AMAZON-02) (AMAZON-02)
1 2	18.213.10.151 18.213.10.151	14618 (AMAZON-AES) (AMAZON-AES)
4 4	3.127.51.194 3.127.51.194	16509 (AMAZON-02) (AMAZON-02)
2 2	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
8 8	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
4	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
4 8	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	3.127.192.192 3.127.192.192	() ()
1 2	185.94.180.126 185.94.180.126	() ()
1 4	2a02:6b8::90 2a02:6b8::90	() ()
3	82.145.213.8 82.145.213.8	() ()
465	84

33 2606:4700:20::681a:842 (United States)

ASN13335 (CLOUDFLARENET, US)

thetruedefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:de00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:a200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:264e (United States)

ASN13335 (CLOUDFLARENET, US)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-128.fra6.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:d800:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1800:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.216.186.40 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de

xn--r1a.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tlgr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 149.154.164.24 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

cdn4.telesco.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

thetruedefender-com.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 96.46.186.57 (United States) 5 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 185.33.220.145 (Amsterdam, Netherlands) 10 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2606:4700:10::ac43:2ac6 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2057:6a00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.35.65 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

itx5.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 94.130.102.164 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad12.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.85.15.31 (Russian Federation)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 18.196.195.54 (Frankfurt am Main, Germany) 22 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.235.66 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-235-66.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.103.83 (France)

ASN16276 (OVH, FR)
PTR: ip83.ip-54-37-103.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 193.232.150.45 (Russian Federation) 8 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp18.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 31.172.81.172 (Germany) 17 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 31.172.81.159 (Germany) 11 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 72.251.249.9 (Amsterdam, Netherlands) 17 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.157.235 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.235.157.90.157.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.236.71.146 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.184.122.71 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-122-71.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.159.140.98 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-98.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.126.56.137 (Frankfurt am Main, Germany) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.20.132.120 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.75.146.199 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: p12.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 213.19.147.44 (United Kingdom) 15 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.33.220.150 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2.18.234.21 (Frankfurt am Main, Germany) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.46.154.242 (Ashburn, United States) 5 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.162 (United States) 24 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 135.125.160.77 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:6798:75ff:a274:9693 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.226.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.214.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-214-249.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.172.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-172-182.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.36.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-36-131.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.87.177 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-87-177.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.10.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.127.51.194 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.0.227.109 (Ascension Island) 2 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 89.108.120.76 (Russian Federation) 8 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:6d0:4001::226 (Russian Federation) 4 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.192.192 (None, )

ASN- ()

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (None, ) 1 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (None, ) 1 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	quantumdex.io 5 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	10 KB
39	betweendigital.com 5 redirects ads.betweendigital.com cache.betweendigital.com	27 KB
36	adnxs.com 10 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	113 KB
35	casalemedia.com 10 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	38 KB
33	thetruedefender.com thetruedefender.com	415 KB
30	doubleclick.net 24 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	198 KB
23	bidswitch.net 22 redirects x.bidswitch.net	10 KB
21	telesco.pe cdn4.telesco.pe	1 MB
20	rubiconproject.com 5 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	55 KB
17	lijit.com 17 redirects ap.lijit.com	9 KB
17	bumlam.com 17 redirects sync.bumlam.com	10 KB
17	onetag-sys.com onetag-sys.com	11 KB
16	yahoo.com 14 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	14 KB
16	disquscdn.com c.disquscdn.com a.disquscdn.com	548 KB
15	adsrvr.org 10 redirects match.adsrvr.org	6 KB
14	wp.com i1.wp.com c0.wp.com stats.wp.com i0.wp.com i2.wp.com pixel.wp.com	575 KB
13	mathtag.com 2 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	10 KB
13	criteo.com 3 redirects bidder.criteo.com gum.criteo.com mug.criteo.com dis.criteo.com	9 KB
12	ad-srv.net 2 redirects ad.ad-srv.net ad12.ad-srv.net	12 KB
12	smartadserver.com prg.smartadserver.com itx5.smartadserver.com www8.smartadserver.com rtb-csync.smartadserver.com	20 KB
11	1rx.io 11 redirects sync.1rx.io	6 KB
11	adsniper.ru 11 redirects sync3.adsniper.ru	6 KB
11	connectad.io i.connectad.io cdn.connectad.io sync-eu.connectad.io	4 KB
10	amazon-adsystem.com 5 redirects s.amazon-adsystem.com	7 KB
10	sonobi.com sync.go.sonobi.com	5 KB
10	wp.pl ssp.wp.pl	2 KB
9	id5-sync.com 4 redirects id5-sync.com	11 KB
9	advertising.com 9 redirects pixel.advertising.com	3 KB
8	tns-counter.ru 4 redirects www.tns-counter.ru	3 KB
8	aidata.io 8 redirects x01.aidata.io	4 KB
8	adhigh.net 8 redirects px.adhigh.net	3 KB
8	pubmatic.com 2 redirects image6.pubmatic.com ads.pubmatic.com	27 KB
8	disqus.com thetruedefender-com.disqus.com disqus.com referrer.disqus.com links.services.disqus.com Failed	62 KB
7	tlgr.org tlgr.org	108 KB
6	unrulymedia.com 4 redirects sync.targeting.unrulymedia.com	3 KB
5	lkqd.net cs.lkqd.net	2 KB
5	sharethrough.com 5 redirects match.sharethrough.com	1 KB
5	wpcdn.pl std.wpcdn.pl	136 KB
5	a-mo.net prebid.a-mo.net	268 B
5	creativecdn.com prebid-eu.creativecdn.com	905 B
4	yandex.ru 1 redirects an.yandex.ru	905 B
4	sniperlog.ru sync3.sniperlog.ru	2 KB
4	creative-serving.com 4 redirects ads.creative-serving.com	3 KB
4	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	2 KB
4	dyntrk.com 4 redirects gu.dyntrk.com	2 KB
4	awin1.com 2 redirects www.awin1.com	2 KB
4	contentspread.net cdn.contentspread.net	4 KB
4	sascdn.com ced-ns.sascdn.com apps.sascdn.com	23 KB
3	opera.com t.adx.opera.com	1 KB
3	lockerdome.com lockerdome.com	5 KB
3	lockerdomecdn.com cdn1.lockerdomecdn.com cdn2.lockerdomecdn.com	22 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	optad360.io cmp.optad360.io get.optad360.io	234 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	admixer.net 2 redirects inv-nets.admixer.net	1 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	646 B
2	admedo.com 2 redirects pool.admedo.com	717 B
2	avct.cloud 2 redirects ads.avct.cloud	904 B
2	kaspersky.com media.kaspersky.com	110 KB
2	criteo.net static.criteo.net	54 KB
2	viglink.com cdn.viglink.com	531 B
2	gstatic.com fonts.gstatic.com	32 KB
2	adpone.com rtb.adpone.com	2 KB
2	4dex.io script.4dex.io	23 KB
2	xn--r1a.website xn--r1a.website	18 KB
2	jeeng.com users.api.jeeng.com	119 KB
1	kargo.com crb.kargo.com	360 B
1	rfihub.com 1 redirects p.rfihub.com	779 B
1	adentifi.com rtb.adentifi.com	88 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	ad4m.at ad4m.at
1	bidr.io match.prod.bidr.io	430 B
1	deepintent.com match.deepintent.com	44 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com	637 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	221 B
1	mediarithmics.com cookie-matching.mediarithmics.com	85 B
1	gravatar.com secure.gravatar.com	36 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	pushengage.com clientcdn.pushengage.com	19 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
0	33across.com Failed ssc-cms.33across.com Failed
465	85

	Domain	Requested by
49	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
35	ads.betweendigital.com	5 redirects get.optad360.io ads.betweendigital.com
33	thetruedefender.com	thetruedefender.com
30	ib.adnxs.com	10 redirects get.optad360.io acdn.adnxs.com
24	cm.g.doubleclick.net	24 redirects
23	x.bidswitch.net	22 redirects ssum-sec.casalemedia.com
21	cdn4.telesco.pe	xn--r1a.website
20	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com um2.eqads.com
17	ap.lijit.com	17 redirects
17	sync.bumlam.com	17 redirects
17	onetag-sys.com	get.optad360.io sync.quantumdex.io cache.betweendigital.com
15	ssum-sec.casalemedia.com	5 redirects sync.quantumdex.io ssum-sec.casalemedia.com
15	match.adsrvr.org	10 redirects ssum-sec.casalemedia.com
15	c.disquscdn.com	thetruedefender-com.disqus.com disqus.com c.disquscdn.com
14	ups.analytics.yahoo.com	14 redirects
11	sync.1rx.io	11 redirects
11	sync3.adsniper.ru	11 redirects
10	s.amazon-adsystem.com	5 redirects ssum-sec.casalemedia.com
10	sync.go.sonobi.com	sync.quantumdex.io
10	eus.rubiconproject.com	thetruedefender.com eus.rubiconproject.com cache.betweendigital.com
10	ssp.wp.pl	get.optad360.io
9	id5-sync.com	4 redirects sync.quantumdex.io
9	pixel.advertising.com	9 redirects
8	www.tns-counter.ru	4 redirects
8	x01.aidata.io	8 redirects
8	px.adhigh.net	8 redirects
7	tlgr.org	xn--r1a.website
7	c0.wp.com	thetruedefender.com
6	sync.targeting.unrulymedia.com	4 redirects sync.quantumdex.io
6	sync.mathtag.com	2 redirects tags.mathtag.com sync.mathtag.com thetruedefender.com
6	ad12.ad-srv.net	ad.ad-srv.net
6	ad.ad-srv.net	2 redirects thetruedefender.com ad.ad-srv.net
5	ads.pubmatic.com	sync.quantumdex.io
5	cs.lkqd.net	sync.quantumdex.io
5	ms.quantumdex.io	5 redirects
5	match.sharethrough.com	5 redirects
5	std.wpcdn.pl	ssp.wp.pl
5	cdn.connectad.io	get.optad360.io
5	acdn.adnxs.com	get.optad360.io
5	token.rubiconproject.com	eus.rubiconproject.com
5	tags.mathtag.com	ced-ns.sascdn.com thetruedefender.com tags.mathtag.com
5	secure-assets.rubiconproject.com	5 redirects
5	prg.smartadserver.com	get.optad360.io
5	useast.quantumdex.io	get.optad360.io
5	prebid.a-mo.net	get.optad360.io
5	prebid-eu.creativecdn.com	get.optad360.io
5	i.connectad.io	get.optad360.io
5	bidder.criteo.com	get.optad360.io
4	an.yandex.ru	1 redirects
4	sync3.sniperlog.ru
4	ads.creative-serving.com	4 redirects
4	bcp.crwdcntrl.net	2 redirects ssum-sec.casalemedia.com
4	gu.dyntrk.com	4 redirects
4	cache.betweendigital.com	ads.betweendigital.com
4	rtb-csync.smartadserver.com
4	gum.criteo.com	2 redirects static.criteo.net
4	www.awin1.com	2 redirects ad.ad-srv.net
4	cdn.contentspread.net	ad.ad-srv.net
4	disqus.com	thetruedefender-com.disqus.com c.disquscdn.com
3	t.adx.opera.com	cache.betweendigital.com
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	mug.criteo.com
3	stats.g.doubleclick.net	lockerdome.com
3	lockerdome.com	cdn2.lockerdomecdn.com
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	i1.wp.com	thetruedefender.com
2	sync.search.spotxchange.com	1 redirects
2	inv-nets.admixer.net	2 redirects
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
2	pool.admedo.com	2 redirects
2	ads.avct.cloud	2 redirects
2	media.kaspersky.com	ad.ad-srv.net
2	static.criteo.net	get.optad360.io static.criteo.net
2	cdn.viglink.com	thetruedefender.com
2	referrer.disqus.com	c.disquscdn.com thetruedefender.com
2	pixel.mathtag.com	thetruedefender.com tags.mathtag.com
2	itx5.smartadserver.com	ced-ns.sascdn.com
2	apps.sascdn.com	ced-ns.sascdn.com
2	ced-ns.sascdn.com	thetruedefender.com
2	fonts.gstatic.com	fonts.googleapis.com
2	rtb.adpone.com	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	thetruedefender-com.disqus.com	thetruedefender.com
2	xn--r1a.website	thetruedefender.com tlgr.org
2	cdn1.lockerdomecdn.com	thetruedefender.com cdn1.lockerdomecdn.com
2	users.api.jeeng.com	thetruedefender.com users.api.jeeng.com
2	get.optad360.io	thetruedefender.com get.optad360.io
1	crb.kargo.com
1	p.rfihub.com	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	pixel-sync.sitescout.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	ums.acuityplatform.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	bidswitch-eu.splicky.com	1 redirects
1	cookie-matching.mediarithmics.com
1	dis.criteo.com	1 redirects
1	www8.smartadserver.com
1	a.disquscdn.com	thetruedefender.com
1	secure.gravatar.com	thetruedefender.com
1	pixel.wp.com	thetruedefender.com
1	fonts.googleapis.com	xn--r1a.website
1	cdn.jsdelivr.net	get.optad360.io
1	i2.wp.com	thetruedefender.com
1	i0.wp.com	thetruedefender.com
1	cdn2.lockerdomecdn.com	thetruedefender.com
1	stats.wp.com	thetruedefender.com
1	clientcdn.pushengage.com	thetruedefender.com
1	www.googletagmanager.com	thetruedefender.com
1	cmp.optad360.io	thetruedefender.com
0	ssc-cms.33across.com Failed
0	links.services.disqus.com Failed	c.disquscdn.com
465	120

This site contains links to these domains. Also see Links.

Domain
rumble.com
t.me
www.facebook.com
twitter.com
www.linkedin.com
www.tumblr.com
pinterest.com
reddit.com
vk.com
connect.ok.ru
getpocket.com
jamanetwork.com
www.thegatewaypundit.com
api.whatsapp.com
telegram.me
lockerdome.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-05` - `2022-01-04`	a year	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
jeeng.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh
*.lockerdomecdn.com Amazon	`2021-02-24` - `2022-03-25`	a year	crt.sh
xn--r1a.website R3	`2021-10-28` - `2022-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-10-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tlgr.org R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.telesco.pe Go Daddy Secure Certificate Authority - G2	`2020-03-10` - `2022-04-13`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-05` - `2022-03-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
ad-srv.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.mediarithmics.com Gandi Standard SSL CA 2	`2021-02-17` - `2022-03-01`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 84 frames:

Primary Page: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Frame ID: 622DEFE6B555F312107BF38BBDA6F66F
Requests: 144 HTTP requests in this frame

Frame: https://xn--r1a.website/s/TheTrueDefender
Frame ID: B6247466E21D8A1B01CAEBDA7507EB40
Requests: 34 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 3A39AF307B199CFF5316272970356F3C
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 690D12C822E3B794893609A417458A26
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: 0A6DDB801F5BA8203BAE11B05BC918EB
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
Frame ID: A94C406EB1110459749B30AFB0040B2A
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 12A0589EC4EDD13C2E98D105AAA979C6
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 7299B9483315AD083E29D8D02CA526E6
Requests: 2 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22312825910199852068%22%2c%22adomain%22%3a%22kaspersky.de%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%228036622%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2213088%22%2c%22cid%22%3a%22746345%22%2c%22adid%22%3a%228036622%22%2c%22hash%22%3a%22-4837248904725489415%22%7d
Frame ID: 972436CBA07894B526850196DF004694
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWmprd09UQTFOR0V0TkRkaVpDMDBZek5sTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwNjMzOTUwODM1NjY4Mjg1OTEvODAzNjYyMi81NjM3MjU0LzM5L1FkTjZKNzZubEx6NWE0YVdac2lYZ0MzaHZ6aEJ3b2wzUmNuLV95ZU9jYzQvMS8xMDAwLzAvMC8xMTgzNDc3LzM1ODkyNjM2MTkvMjM0NDk1Lzc0NjM0NS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8xMDQvNDIwODQ5LzAvMC81MDYzMzk1MDgzNTY2ODI4NTkxL3pyaC8wLzIwMDIvMTkvOTk5LzMyMi8yMTMuMjM5LjIwOS4wLzAuMDAwLzE2MzU5MTExNjgvMTYzNTkyMzc2OC8xMDAwLzIwNzkv/AcM6Ib2LvwG3JgErjan9CQXRS_o&nodeid=2990&group=zrh&auctionid=5063395083566828591&shardkey=5063395083566828591&sid=5637254&cid=8036622&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.134.182
Frame ID: 309C5620BC9109106F50B01867BE2AE2
Requests: 5 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Frame ID: CD34A6214E332A4C7FAD37E12396EAEA
Requests: 5 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 5A6DC722E5B3FF44F11C40AC268852C5
Requests: 1 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22302692811038273980%22%2c%22adomain%22%3a%22kaspersky.de%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%228042169%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2213088%22%2c%22cid%22%3a%22746345%22%2c%22adid%22%3a%228042169%22%2c%22hash%22%3a%22-6379556490751253383%22%7d
Frame ID: 955EA4943309CFA4987EBE6F2A88A908
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWkdOa05HVmlZbUl0TTJVNVl5MHhNR015TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ1MTcwOTA2NDA2NTcwNjI1NS84MDQyMTY5LzU2MzcyNTQvMzkvUWRONko3Nm5sTHo1YTRhV1pzaVhnTEZTYWtUS0NnOE9fZi1sRzk4OGZFQS8xLzEwMDAvMC8wLzExODM0NzcvMzU4OTI2MzYxOS8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzEwNC80MjA4NDkvMC8wLzQ1MTcwOTA2NDA2NTcwNjI1NS96cmgvMC8yMDAyLzE5Lzk5OS8zMjIvMjEzLjIzOS4yMDkuMC8wLjAwMC8xNjM1OTExMTY4LzE2MzU5MjM3NjgvMTAwMC8yMDc5Lw/AXpEtyZPrTDMqiRl6W-wh28P_Qc&nodeid=2991&group=zrh&auctionid=451709064065706255&shardkey=451709064065706255&sid=5637254&cid=8042169&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.138
Frame ID: AC017B43A9EAD6D7776E34D7DBE9B525
Requests: 6 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 0F3067BD32A2E002025B24CB1B15CD24
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 1B53CE679ECCA8DAB7917974910C1B3A
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1
Frame ID: 4CE191923E52F0AF36A146736B91ADD3
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=pekt279e4395&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D451709064065706255%26mt_id%3D8042169%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_451709064065706255&random=451709064065706255&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com
Frame ID: 0527E0B62D36C03720F95BF42785214D
Requests: 4 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=17640000011156301519519011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppznadm7ga9swiu%3Ftprde%3D
Frame ID: C6BFE9DB157533A368BE84CE8F7DB14B
Requests: 5 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=19405900011156401649445011767012
Frame ID: AB9E81FE1D3E33E16E200B1F285D659A
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=a0d46182-0600-4a01-ad13-18ca0c0fc701&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: F420E1FEE235463A154B836837E973A7
Requests: 2 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=62593500011156501649441011767012
Frame ID: 084B7173880B99195ECA698ACBE2043D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
Frame ID: EDBD16B176791A7FCA06EB5C990032D1
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635911168223
Frame ID: 8AE42D41D57D7925593A87197F1ED65B
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 4018A21D11DC083C61C52AC8552654ED
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D8195D78E2C7C571773851425DB17C5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7DBC515C6B67E6385C744753AF296C8E
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635911168158
Frame ID: 338549F77C229BDC2DB0611D405E1FFF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 8B8020DA71D674EB4897E8C90A76E2F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 4ACB36020528F64A834E8E15D3EB4B25
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: B504BD1D0A77E8F17ADC22FDE87C44C8
Requests: 5 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: FDBCC2CDA1D5B5328624FCBC49715E54
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C7BE0466AC387BF2C6A3A94BAB5B9884
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F2DB6A40371F563B493B370FD2A305B
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 9737CFFEE624A4D211D14DC2D84C2414
Requests: 5 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 21ED6829A5CAA563FA41146D77D5EC28
Requests: 5 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 183E1133173C395102FECDF5899504C5
Requests: 5 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 68C91B6F8639233F6A0146E9E320575D
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 7FA76179FE5B47B9E9EB9EABCC46507A
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: A21E09A66E7B5E38E4C30134ECAF2FF1
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: C47619BB241ACABE10657775A1F986E2
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 0D3FDF80AD380A1CC06287A41EF466EC
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: FF52BE661BD278B691D040CE5A74AA12
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635911168159
Frame ID: 9C46AE038EE97A3D4E23D4C7B1B9EB5F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 1B8239D3476A8BE3E59F069526496127
Requests: 12 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 1597724E768FA177318A68BBFB49B298
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BA654B67605772991895E36D4FAC91E7
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 9298432B432FC24A463C58EAE05998D2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 2FCD8B9F1B942D870F33EEA5C13D25A8
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 7485D85A5FCA2392E2514B6F461F9EE2
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: EDDE3DA6F37B58879EEA1D38A6E0F3B0
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 4B59E0720CCB29EED43E108961AE73B2
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=652327
Frame ID: 05338D900ED0167A1455C33A7F585E6F
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=238284
Frame ID: 1B25785326BCA6740FDABD481350B19D
Requests: 7 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=289057
Frame ID: F58E26CB85C794DFE557023F7EB9C2F8
Requests: 7 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=862531
Frame ID: 2065667CC7565C15EF6BA35E31E26522
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 51C077E0665B876328229A0CA80C869C
Requests: 9 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 71C7CDBC7387F4D00FB798068E96355A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D68817455A559603586B6E8C6898E45B
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B806F509C7CC131B77D0506C6B4DD9E4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 32BB14E28265B3BB38EDC663A874FDBF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: FDD2242F94089E68BD97BC4808C81615
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: DDB2D9507A994BE8534CDD4D2F686219
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A1150D59B517AF6A2D236E011A260554
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: A654A5004FB639550D3D469455EF3A37
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: A07B7A5445EFFBC05C383C75655D5D5B
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 3CE24598EDD93287FBD7CA73677212E9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DEE00F16FC2B9253FC15EB68A6905F2B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 8C36D28F34F15F0A73C3946B252F564F
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 9890E5C9CF4856ACABC7E7097B107E00
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 0675B517214A6198AA7BC29B500444D9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 0FA573BF083543A92132B36653B51D72
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 0C956376F1950CCBAEC6C249B2286D32
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: B1653F0015D2024D9292E03918391E13
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: B1348475012FEE6E8B0DB8F734900143
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 9D49B3B7F9F35BC89E6A9B07D55A6FB0
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 08C29937FADAA14966138440EBB32F2E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: C40AE02CCEB11E4490E0595787776BD7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 7677A9A97A6CF9270BADF672293694A2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 4AC21FB5C4CECCFF97585B9EB4160CC0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 1D7E35EE165C6E30C1C85A5AF31A1FAF
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 7F382E0B53F70805E95FBA0F52731AD6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 457B42D361AFC0DB5CA33EF8367B2E9E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: E7B07A2CADDD46FA5A2CB3E8F597594F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Johnson & Johnson Recipients 3,5 Times More Likely To Develop Deadly Blood Clot In The Brain! - The True Defender !

Page Statistics

465
Requests

75 %
HTTPS

25 %
IPv6

85
Domains

120
Subdomains

84
IPs

11
Countries

4279 kB
Transfer

8229 kB
Size

95
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://rumble.com/c/ConservativeMedia
Title: Rumble

Search URL Search Domain Scan URL

URL: https://t.me/TheTrueDefender
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21&url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/&title=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/&name=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/&description=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21&media=https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-19.png?fit=703%2C383&ssl=1
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/&title=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21
Title: Reddit

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Title: VKontakte

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/dk?st.cmd=WidgetSharePreview&st.shareUrl=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/&description=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21&media=https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-19.png?fit=703%2C383&ssl=1
Title: Odnoklassniki

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?title=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21&url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://jamanetwork.com/journals/jamainternalmedicine/fullarticle/2785610?guestAccessKey=f6fff3e2-d1bf-4380-955b-4320910dbcaf&utm_source=For_The_Media&utm_medium=referral&utm_campaign=ftm_links&utm_content=tfl&utm_term=110121#ild210057t2
Title: jamanetwork.com

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2021/11/researchers-find-recipients-johnson-johnson-covid-vaccine-3-5x-likely-general-population-develop-rare-deadly-blood-clotting-condition-brain/
Title: thegatewaypundit.com

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21%20https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/&text=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain%21
Title: Telegram

Search URL Search Domain Scan URL

URL: https://lockerdome.com/roi
Title: Promoted

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 160

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 184

https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com HTTP 302
https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1

Request Chain 207

https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1

Request Chain 219

https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=19405900011156401649445011767012 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg

Request Chain 226

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=62593500011156501649441011767012 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg

Request Chain 234

https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tSB4H3wwdEd4TWlWOTJhMUhMU1FDYkcrS0swZjBMR09rdmExelYzNHhFRHh5STBMN3A2aXJYZUdFeUp5TmlWNlNkM2QzOEFpSnM5WkltamZqZmlGemxiNzhlbktOc3owbnZ2RyswR0hFc2p1TEhCcjN3bnhFSFhOenZ4QWc2djlhTUI3UUx3SmxEZjhYWXZ6b0VWdjdRc09BUStWR1lPYnhRY3I4WVkwQWJ0YVpHKzlWcWZFVkZJSjVUMW5HdHBYOS9aTUVmZFp2N3dodWRaaC9kVVJKYnI0NnhvVTZKc3lOSE4zVXhVMDhlWXMvcGtmQjhjOGlrSnpodHlydDZIQnpZUnFjQ2xlclc0OG40bmsvY09PcWptN1dCWloxUDh6SGJqTkdxMThkQXBtMGY2RT18&cppv=2

Request Chain 239

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=i9Dw1HxjRkhGaVVhOEtJd285cHYvQ1hVcmgxbHJQQnBPYnBGS3lsQVdmL1UxYVZZa05jTnpsdU04L01zOWxXK0lETk5TeGdXRTJnMFJuL2c4eS8rRlA3MEc3WXJvM1NURGd1VmFod2ZHb0xhVXdiTWdFYjN3c3JJckh2OVZMa1ZrM2xUdWsyNlI4RVhkOE5PaWRTZmkrOGhJelljaERkT21Rc21CV2crdGR1RksxTTViZGM5a0w0bThqZmF1L2pGUnZkUi9QZkdKcFJXbWRFUUZPeXNPTTlQTWIyUWNvTFh3TVF1K1BuR043bUpJMy91VE9wbmxoTjhEOTBMbWJNajRaQmtiVFhoYS9QZkxnWVk0TnBoV3BRTmJjdS81MHJHdzhGakxoSWo1UlBXSnhIcz18&cppv=2

Request Chain 269

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=64c6a6a1-eaaa-47cd-8d72-c53acfc05f6a&gdpr=0&gdpr_consent=

Request Chain 271

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=6c569f8d-0859-49d0-a71b-7d9d40020aa4&ssp=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&gdpr_consent=

Request Chain 272

https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=0&gdpr_consent=

Request Chain 274

https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=90032D93-FE52-40CB-9010-4C37E2893EE9&gdpr=0&gdpr_consent=

Request Chain 286

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=265ee97f-3add-4428-924a-75bc3383eb4c&user_group=1&ssp=between&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 287

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

Request Chain 288

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJLdQ8WBHshuAAJZDAZHw* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

Request Chain 289

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5

Request Chain 290

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 291

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

Request Chain 292

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5

Request Chain 293

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJEHQ8WBHspukAJZDIJDc* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

Request Chain 294

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&ssp=between&expires=30&user_group=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 295

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

Request Chain 296

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5

Request Chain 297

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJGLI8WBHspukAJZDIJDc* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

Request Chain 298

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&ssp=between&expires=30&user_group=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 299

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

Request Chain 300

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

Request Chain 301

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=399b4bfc667d1126e6df7600

Request Chain 307

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d686e347-4b2c-426e-9e9d-dbda72a16aa4

Request Chain 308

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9b16581e-c1c6-47e1-a292-e9b5faa208a0

Request Chain 309

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

Request Chain 310

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

Request Chain 312

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

Request Chain 313

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

Request Chain 315

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 316

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=31540850ef06b4fe6caaf84d

Request Chain 317

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5466103988 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5466103988 HTTP 302
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

Request Chain 318

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 319

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

Request Chain 321

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2628785524 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2628785524 HTTP 302
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

Request Chain 322

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5

Request Chain 323

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3c5fe110-f5c0-4f86-b51c-d43b00563015

Request Chain 324

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=de314e22-4a6f-41e0-b3a3-df1502b4a7b3

Request Chain 325

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

Request Chain 327

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

Request Chain 328

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

Request Chain 329

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

Request Chain 331

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

Request Chain 332

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 333

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2077439760 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2077439760 HTTP 302
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

Request Chain 334

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5

Request Chain 335

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=768af712-be89-4b72-847e-2aadfc7f28f6

Request Chain 336

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b8fcc097-6109-41eb-93bc-58a0747aef56

Request Chain 337

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

Request Chain 339

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

Request Chain 340

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=358498991 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=358498991 HTTP 302
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

Request Chain 341

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=399b4bfc667d1126e6df7600

Request Chain 342

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2cf1719a-1c27-4447-9b27-28e9c08d1146

Request Chain 343

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a4f082ae-77c9-4897-98ff-93cd42f966c9

Request Chain 344

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

Request Chain 345

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

Request Chain 347

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

Request Chain 348

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

Request Chain 351

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2a1ad275-3971-4c53-b55a-cc59fb1f5fa7

Request Chain 352

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89052446-609e-4782-bd30-cc08b186aee7

Request Chain 353

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

Request Chain 354

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

Request Chain 356

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

Request Chain 357

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

Request Chain 359

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 360

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674008926 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674008926 HTTP 302
https://sync.1rx.io/usersync/tradedesk/2ea3f58f-3d91-49d2-a245-d0a8bd55c98f HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

Request Chain 361

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5

Request Chain 362

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 367

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 370

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 374

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 378

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 383

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Request Chain 384

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPL7v_jntjUOFtixJ2Tm9CI&google_cver=1

Request Chain 385

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA28sCyk6iyHSo14rqXxuzY&google_cver=1&gdpr=1&google_hm=2

Request Chain 388

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 390

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 392

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJw-p7rJuwTSO9NCfmqQDZo&google_cver=1

Request Chain 393

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Request Chain 395

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPmgohzZdR7PPe1hHr22vqI&google_cver=1&gdpr=1&google_hm=2

Request Chain 396

https://ums.acuityplatform.com/tum?umid=8 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=619325531603

Request Chain 397

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=1&gdpr_consent=

Request Chain 402

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDiW5rxYiKo4mge4I3IyjIE&google_cver=1&gdpr=1&google_hm=2

Request Chain 403

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Request Chain 404

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG57ni-abjxNMxc72t7TPJ4&google_cver=1

Request Chain 405

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YYIGAwABrEZjrgAz HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYIGAwABrEZjrgAz&gdpr=1&_test=YYIGAwABrEZjrgAz

Request Chain 406

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638503171

Request Chain 410

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXbNztSsqcicLTqrNCcfU4&google_cver=1&gdpr=1&google_hm=2

Request Chain 412

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELBFZFUfBASUb6WytOWOgIY&google_cver=1

Request Chain 413

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Request Chain 414

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 415

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 417

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b86979b0-d53e-4712-84e3-a7c909dd17a1

Request Chain 419

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Request Chain 420

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEols2mta483JJEONNVaGlI&google_cver=1

Request Chain 421

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhGkXEFpA0iCme8SROw44U&google_cver=1&gdpr=1&google_hm=2

Request Chain 424

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322320168610885

Request Chain 425

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7ie83YZF1MI7e35&gdpr=1

Request Chain 427

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 428

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=a3fe6e0a-237a-45fc-bfe9-9208b1e6ec2e&ssp=between&expires=30&user_group=5&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 429

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=a3fe6e0a-237a-45fc-bfe9-9208b1e6ec2e&ssp=between&expires=30&user_group=5&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 430

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3Db10b8095-2f9d-4772-990b-4ec77958b6dc%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=6d27e31dd80b4d5db6467179f4b79e3a&ssp=between&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 431

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3Db10b8095-2f9d-4772-990b-4ec77958b6dc%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=e713cc1c095b4191b99db22b2f53e2c6&ssp=between&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

Request Chain 432

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

Request Chain 433

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

Request Chain 434

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

Request Chain 435

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

Request Chain 437

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 438

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 439

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 440

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 449

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/238284 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/238284

Request Chain 450

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/289057 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/289057

Request Chain 451

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/652327 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/652327

Request Chain 452

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/862531 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/862531

Request Chain 458

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60 HTTP 302
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=b10b8095-2f9d-4772-990b-4ec77958b6dc&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 459

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60 HTTP 302
https://sync.1rx.io/usersync/bidswitch/b10b8095-2f9d-4772-990b-4ec77958b6dc?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

Request Chain 460

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60 HTTP 302
https://matching.kubient.net/match/bidswitch?id=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&usp= HTTP 302
https://matching.kubient.net/match/bidswitch?id=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&usp=&chk=1 HTTP 302
https://x.bidswitch.net/sync?ssp=fidelity&user_id=ZTFkMDA4MjA4MGU4MGEw&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=fidelity&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk4ce7e41b-86f6-49c7-8e6d-54a1fb38c021&expires=7&user_group=5&ssp=fidelity&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://matching.kubient.net/match/bidswitch?id=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&usp= HTTP 302
https://kssp.kbntx.ch/sync?from=kdmp&user=ZTFkMDA4MjA4MGU4MGEw&consent=&gdpr=&redirect=https%3A%2F%2Fmatching.kubient.net%2Fmatch%2Fbvid3kevgpikn2gm1d80%3Fconsent%3D%2524%257BGDPR_CONSENT%257D%26gdpr%3D%2524%257BGDPR%257D%26fp%3D3009134447 HTTP 302
https://matching.kubient.net/match/bvid3kevgpikn2gm1d80?consent=%24%7BGDPR_CONSENT%7D&gdpr=%24%7BGDPR%7D&fp=3009134447 HTTP 302
https://ssc-cms.33across.com/ps/?ri=0010b000018ldWcAAI&ru=https%3A%2F%2Fmatching.kubient.net%2Fmatch%2F33across%3Fid%3D33XUSERID33X%26fp%3D1860323048%26x%3D

Request Chain 461

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=b10b8095-2f9d-4772-990b-4ec77958b6dc HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=b10b8095-2f9d-4772-990b-4ec77958b6dc&__user_check__=1&sync_id=96df6058-3c58-11ec-b4f1-1cf699440306

Request Chain 464

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fda6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47?redir-setuniq=1

Request Chain 466

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fda6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47

Request Chain 467

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fda6f7be4-b6e9-5333-8a8b-ea47eb09ec47 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47

465 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/ 219 KB
28 KB 821ms
793ms Document
text/html 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8bc93c8b7c1c6fab22bc0b52eda3f07b7ba61ae93f437fdb98746af1d4a558

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 03 Nov 2021 03:46:06 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a829d146a265c50-FRA
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/34699>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=34699>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
cf-railgun: direct (waiting for pending WAN connection)
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-pingback: https://thetruedefender.com/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzyB3If4JfsInsyINl%2FzU1cCsyn1BzfqNabiNeTVaBxtx1Y9DDrPML9jEk0%2F6yo8V%2FLSUtq40HIJPs9ox59InUOg%2F98x3EqKpzT%2FDaXwcIbkmCYBFwbXKYw5PT88lWXHav1q4BlfBeYy6hw5ySpJsuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2 200 f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js Show response
cmp.optad360.io/items/ 2 B
360 B 50ms
9ms Script
application/javascript 2600:9000:206f:de00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:04:42 GMT
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
last-modified: Thu, 28 Oct 2021 09:48:14 GMT
server: AmazonS3
age: 2486
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2
x-amz-cf-id: 3cc_uJcTW8XZa5UUsbVtfChN0AGoHIo0uYz5tyNp2KSv1ZPx1AmxtQ==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 390 KB
91 KB 75ms
36ms Script
application/javascript 2600:9000:206f:a200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c5ad9508977fa9a8685857181c93948a27aa92116e4801d95f3238c82075bd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 07:46:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"f6f0cf22d944c20b2a1f8454ca42afe4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: yYSfanUHSaofTm0mm-tbmNuyiCzWk896goirM_jj1SFzb3suha6fxA==

GET
H2 200 this.png
thetruedefender.com/wp-content/uploads/2021/01/ 19 KB
19 KB 19ms
15ms Image
image/png 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262723
cf-polished: origSize=21749
content-length: 19502
last-modified: Tue, 05 Jan 2021 23:49:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2%2BerPuggdq2PTKndohdFpfzkwlgc79WLJzOhIJ98rTdNZ9sfVgiXLvYnyIisGCA9QBGIUZjVRmwoXwfnjMlICVo%2B40W0AkzRNIIb%2BrgvxLtU2LJDKSOLR8h54xukTQ67q%2Fa1oq68t4KR45fX3dMex4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a829d1d4dcd5c50-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-19.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 185 KB
186 KB 33ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-19.png?resize=703%2C383&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

804edab225f50363a8d2d5debbebac673353395388269e4213346d6b72828a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 03 Nov 2021 03:46:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 21:14:39 GMT
server: nginx
etag: "9294e988f7504f10"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-19.png>; rel="canonical"
content-length: 189450
expires: Fri, 03 Nov 2023 09:14:39 GMT

GET
H2 200 tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
40 KB 456ms
454ms Font
font/woff 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5F1%2FpGZN98sHP20KYNjnb06%2FPSbwXunXToaCxGsqk41iebDNmhPMCovTu7U1UCqmjzm3%2B8DpRjwLgHu0ZGmS9qT7qhJgztRFmYAV8QROw6%2BOktrKd9iDPKHX6E7zA9legwyM8ocdPx%2FhRT6w%2FqQPyaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d19789c5c50-FRA

GET
H2 200 fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 78 KB
78 KB 460ms
457ms Font
font/woff2 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdzYOZCtbH16zCNFySC8cLrkPh%2FkT5VsOpYlE7yW9OVhc6a%2F5SklKyB6yrQrk70BBsShKBqSRapuvNXKGnM0t1s00w6vPb5pwtcf1GwFCI9ec2g%2F%2FfrJGmY0pnI9tUCyGy%2FZHeFP5Zi0YxTuA0ww8sk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d19789e5c50-FRA

GET
H2 200 fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
75 KB 466ms
463ms Font
font/woff2 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX9pJFZuLxjMwBs79ZUmZg6A1bwA47nXwoih2gyvEe3JwFvCPDCaQZWA5utGJL6fzzK75jaO2EQMCoA3pvbw%2F0eRl1DyDgF5DVyX46sStaaiZTd7nzigkrqwftfM%2FmxLkJY7lw1yEWpjZeylo3W6LjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d19789f5c50-FRA

GET
H2 200 fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 13 KB
14 KB 461ms
458ms Font
font/woff2 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz4hDqspSwOk0I%2BQyQi7fpQyx5vaOrjF0o0SI02q7zRO3cEg4OimpTh4keNSRwZH22M5MzjCl40NVRCb4UclgTzfTU7FIXxaRiSZsvOcHKbsuNzMQPFwHMawHvPCfZH42nqHm8XpbvGyUodfUutrI18%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1978a15c50-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 47ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186892928-1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f65c2e6dbf8b0af93b7f8c61f82f15a3694c91e7172fe015cf453c7d99ddabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35809
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Nov 2021 03:46:06 GMT

GET
H2 200 frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 7 KB
1 KB 478ms
475ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.6.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Mar 2021 22:03:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucN5IYwwRnB4DtyZdBq3nr2iDEHcRcPUC6wXGRjALLknIhXtlXdUA9Ld6yTvFILuRugASft%2BYHC7XJl9eIs976Gj9wItkd8mVfRzGyL9Y6axhJTE5dMW1MiNIbh0Vi5Lk4dh7I7Iy%2FbMHsEDh9%2BsGuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988a45c50-FRA

GET
H2 200 base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 453ms
450ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsw5xROWCWCMFRNBsxpia%2Fmx9zjv0gwWNs1jNrHL6jrXJpL66QA4eH96w%2Bb2OXhDHEIwOkGtITqHdYltVBaQpKVddVEKXl4FHOKPEmOoIzOFtjjN6dqSQQaRWWaT7xoaG5fdTbXxf%2FDM68RbITIHcZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988a55c50-FRA

GET
H2 200 style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 171 KB
30 KB 465ms
463ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW%2FLD%2BoOKU3G5hh9PUULSfBXqJs3Ya4LjSyPLW2IFbWfmCrHj7fGPAPHaupFDbOyeYsyFHBFbSjHzPKBoCZvU918AODX1VVUkkeCDzaWvfIwAqEhHM0ZZBNcGFNwTZ5DI7yEgv4Ic1ku1R1j5mVoB%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988a95c50-FRA

GET
H2 200 widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 53 KB
10 KB 464ms
462ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4RqYDT%2BEIgXVB5fM9mW3pHuD8O8lP0hbgav5jmyOdcSKy%2ByN02pdUZSd0PFw5FyEDB25VQTv2tMAlcorIzXmoRBSQAS7tcJpwNS%2BaBSh7v3DL5HSZiKqRhbph3D2uUuontrH6u%2BBZB%2FcributV%2F7IE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988aa5c50-FRA

GET
H2 200 helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 449ms
447ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErENtPKf8ThMcm9UkqF%2BNQRwhcxUKBeoewBd9HRSb48Mu7i7wr9qdtSI6UwUAhwZkkyCW9SU81%2BI%2B3myOQ4coKrJJOA7C05c7YOuXhBBNv6rpLvIioGBSY0n13mroWED9g1ToMKWe9qSQvq45lnAGhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988ac5c50-FRA

GET
H2 200 fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 57 KB
13 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 5380
cf-polished: origSize=58662
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdbrUg7AsemMYzIOL7q4Er4%2BGIFGXbdXiGm4ttRyQBM%2FL6uN3w7ym6ryBCPSSyqJALsXHeYpjh3mAO%2BeLuk6bFuzmrFlgPFhwnfDEKu0Q5vaRKXjU2c4LZOoVEZtGCfRJPaG%2Fd5ZAu0cPDrpq4BIcn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988ad5c50-FRA
cf-bgj: minify

GET
H2 200 skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 10 KB
2 KB 477ms
476ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
cf-polished: origSize=12018
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeJxR8NM1tYo9%2FJZt0S8e6OZnlo9E4R0pCd9wCGesb4aVK7i7EqpcB8ZPsWScqlQ0SDbSjADcsZAQsQg52SN5zo%2Bf7%2BTdrN%2BJpis1qU0K95xaFI0LeZ5Fgsk7girBTjlNKxBoYbnTZw9Zzk7K5DBsys%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988ae5c50-FRA
cf-bgj: minify

GET
H2 200 shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 11 KB
3 KB 450ms
449ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qn3Zf50dsHHCMaeY6Ljc1xqq4mttszVcODGhTXLBAusHhrBX7xb1qeabI8ojfzNgQc%2FNFFAU7Dny4J1LNt3Y4Zh3cWzoAv8PjXK8ZaztmkOjteY9h%2FXHIcYHdzfxK8ZPe2V00g0iC3%2FE7RXRp9CLlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988af5c50-FRA

GET
H2 200 single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 40 KB
8 KB 464ms
463ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrlYEUVvUFCuqYnMfX05JIzaDkz44yQtsKDuSLASiVu8KL%2FwcW4ZV2d2drjzmAQkRdojlQF62hiF%2FRUSpSycFskBOu1%2FZgT5n%2FZ8lHNohuCnIfOSw2zTN5QwaiSY0RmP8cUme2hlp7ENeDC5rBltICY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1988b35c50-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6301
date: Wed, 03 Nov 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 04:01:06 GMT

GET
H2 200 wp-emoji-release.min.js Show response
thetruedefender.com/wp-includes/js/ 18 KB
5 KB 456ms
453ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 12:55:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7es4Hnl3YZQpgOGn2LR09gKEyeITI%2Bel6pU5k5iSa7I%2BTD71eGURK2SGOY3pYadNxxohdepcLykWHAWM7Lo967avV4Bxj4rp8Rqk9LUmKn4z42EMclULOIdZrhZFxxAl7YPmqsUS29ZQIMP5FnjyqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dcf5c50-FRA

GET
H2 200 print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 2 KB
932 B 450ms
448ms Stylesheet
text/css 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
cf-polished: origSize=2175
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gK4lELnUK1qcqkaFVKDF%2F08zMzPQ0HKDU%2Fk1YdjCziD8Xqmhzd4srocwUGWBAccFC5udnSLA8%2Fm2dTdcUZzWd%2BE69CaxXrsWiPOIrPqXaQckR72zJ%2B1qUhuHFmg0UO2G3zKKkzKjcAU2ag4NYKZUEgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dd05c50-FRA
cf-bgj: minify

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.5.3/css/ 75 KB
13 KB 25ms
7ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.5.3/css/jetpack.css

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 03 Nov 2022 03:46:07 GMT

GET
H2 200 frontend-gtag.min.js Show response
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 453ms
452ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.6.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Mar 2021 22:03:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iey5mh0vG1Wla1d7CyO4KqVsjoRZNIuWf7UrYN0f5vSKXU535waPKJcm0xVB3HKpJGxj90fA9lFUu24MeipG3tSMojBQmDDpWDK1WNta3wz6J2Aq0xCeVr5ctnV4Vrrl5G%2Bg5o9C2kRAYesmt3WQry4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1a49cd5c50-FRA

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 87 KB
30 KB 25ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 03 Nov 2022 03:46:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 11 KB
4 KB 25ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 03 Nov 2022 03:46:07 GMT

GET
H2 200 frontend.js Show response
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 439 B
596 B 457ms
456ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.3
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 07 Jun 2021 12:31:13 GMT
server: cloudflare
cf-polished: origSize=1539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BLVnRl81yE%2FmHuNgu0gPANNxKP5tqxYSVNhxeOch3UwiBnG%2BAM3r8JE9QiLYbjop2k4FXd54SaMnNYUXaXLWQWWI08pt4whXD5DHgsFb9uDcI7Wcy8df1tK8xSJ%2BYFHhLzH%2Bc2gF85nzcJ3CzZ2Huk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1a49ce5c50-FRA
cf-bgj: minify

GET
H2 200 jquery.form.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 16 KB
6 KB 24ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.form.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:53:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 03 Nov 2022 03:46:07 GMT

GET
H2 200 just-contact-form-ajax-script.js Show response
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 388 B
482 B 454ms
453ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 22 Nov 2020 12:53:32 GMT
server: cloudflare
cf-polished: origSize=463
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5Aj6KubFoqL1k1OJ8inYFKv7LmwfM66gfaZpjC9R%2BRWHjPy1ry1M%2FQptLnk4Rz0l6kMwyeHxF9sGrMMvTxge%2BPutoGlca8IqUSdN%2BRytYaHM0GTPkxY%2B5tHtgw3W1%2Bjydgp3Eq%2Fsqb0r5GH5yMJlgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1a49cf5c50-FRA
cf-bgj: minify

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 355 KB
118 KB 80ms
51ms Script
text/javascript 2606:4700:10::ac43:264e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 63732b65458ad902dda93dbf9b0673466b89492be178669f64e49618aecb5b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 1810
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
server: cloudflare
etag: W/"58a7e-Z8kUpBZu+8SM1S/4lDtvR6UixCw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-cloud-trace-context: 1d5ca47c6198690a7c009a509bc8c555
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
cf-ray: 6a829d1d69e242cf-FRA
x-amz-cf-id: xJIVaYoN2zQenT8heQOdbkjrCuofL1sBNSrL2jcGv_o6sUM5r9WHIg==

GET
H2 200 email-decode.min.js Show response
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KfySO8zsrpPIgNKxOcAR1IskTUUhmLPHqXs4DqlHNaQicWXaD%2Ff%2BgV7X%2BF5kP7aNne6PSm%2BTsupR%2B60H70qEjtrxjoanN7J56U5rysi4hboz5kZTbZEJ5ialjjhP9158441dd1ja3l0XpfjEZfdhcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d3db25c50-FRA
vary: Accept-Encoding
expires: Fri, 05 Nov 2021 03:46:07 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/ 758 B
425 B 7ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/photon.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 03 Nov 2022 03:46:07 GMT

GET
H2 200 comment_count.js Show response
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
779 B 445ms
441ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 12:35:35 GMT
server: cloudflare
cf-polished: origSize=889
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63kQDyKtR%2Fu%2FcCYRl1IRWNeCML4BqZN22smpr4fEzKTKMGB6PGtxdCZRDo2pZmkXagjUnMjRpDOZUdVRHhR3TT0GK5LXLz8987Sd%2F9rIqdP9UmjWllJbCM1UnanL17CZRuioicuqYxnKnm6gviz%2F1Xc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dbb5c50-FRA
cf-bgj: minify

GET
H2 200 comment_embed.js Show response
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 878 B
690 B 17ms
12ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 12:35:35 GMT
server: cloudflare
age: 5381
cf-polished: origSize=1232
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F06N3oDUAVhcGn6AG96E5TCE%2Fp4TxmEvT%2Fzi9RwKNn2FEOzADd70aYDItMEaiqG%2FgnwAU11x%2BQO1HOL6EX8%2BjwYirlvVs2JcDj51E7oWTJ3j%2Fa71wJUXcy2xee8rOs7zZLSKFRZAavwcy6CBcCOPws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dbd5c50-FRA
cf-bgj: minify

GET
H2 200 6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js Show response
clientcdn.pushengage.com/core/ 76 KB
19 KB 73ms
31ms Script
application/javascript 13.35.253.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-128.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:44:19 GMT
content-encoding: gzip
server: nginx
age: 108
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: G1f11OJ4Fd8mUVqEcqZ_BFjuZLQBLA8LIVsvAqFFv6tpGMZQ8tHwRQ==
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)

GET
H2 200 intersectionobserver-polyfill.min.js Show response
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 444ms
439ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Jun 2021 12:23:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNbVYig2kLKkA1CkBjDX%2B4qmY1ATexVCBW1r8lpzkXglLm4Pc778CVJCwsUtZ3Iinu9XSLtcUzFQmxsvs8gk8KxkZP0glDy6PVHCbZOO%2F8i5UrxJSl09FcWt6SdjvU2oodSIUIP4LpGnid3lHFQRbIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dbf5c50-FRA

GET
H2 200 lazy-images.min.js Show response
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
2 KB 452ms
448ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Jun 2021 12:23:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O%2FKgStU2X8PsBMQvweA2CqlMakddvPUVYQsNhR%2FSY92LPiyXKISNqhN7ggG21xYnlTVLXNFr1JwCWh3ZYmYlQ7cSneCu%2Fw%2BMOMm3nsnwn1e4Oie99Iq18g%2BpxMUobY9HpHzi0IfwLDYViNpvcMsdCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc05c50-FRA

GET
H2 200 scripts.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 22 KB
7 KB 457ms
453ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZmInKo%2FeqWEUK%2B%2Fe2RXCLvIYezZbYu4otcNlGbsj6BqaYE5DNiD2PaDUhJZ3XKkcM%2Fv%2BnVw5RbJ1W0jy8VCVJmA%2B2xrTNYc105GwKruRxnUJQSM1SrLJ%2Bxf7%2B77hX%2Bx5oU1h7%2B50%2FxEAqgPYYsuWHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc15c50-FRA

GET
H2 200 lightbox.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 79 KB
25 KB 454ms
450ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
cf-polished: origSize=81423
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGYKyy7KYcVv3QmN61gDky5g%2Fz%2BOqdNSnlGQ9YZ4E5FfjLC6AVbctrButCPF9f508dPLsAMyMwL773wczCnRPcdzNO94mnjOANuwCjSAUkVH1q3hSrorSXf8H8YVaMWc0M0szYbQRuGe%2BWD2OrUWJTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc25c50-FRA
cf-bgj: minify

GET
H2 200 sliders.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 48 KB
12 KB 456ms
451ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTprmgmLJlYf4Mvb23tYI3jHZUXWMQmEg%2BmMVgUwp%2By33DZwORfqTZ0u2oVK%2BUPXOYqpAsHw5VL8aNwmNXNGWHXl2TJ28JkVl7Hz5Y184qL8%2B5sZu725DmAfABuFT8YxJZtsK1woFxYSh7LkqiyCg8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc35c50-FRA

GET
H2 200 shortcodes.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 10 KB
4 KB 456ms
452ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
cf-polished: origSize=11181
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfB4xmj2InGo4QUYywXG%2BXhuUW69zTN%2B1SErItyvd9z%2BCmClkiATwg9YxY9kMiS66JXdYFjzMv%2FUFxCtffhK16lok%2FNyUgYWpAva8dHx5ibvnB2%2F6MGc01PXGlLTNxscmnGWvQ%2FXUnBjo4YdP8EJHUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc45c50-FRA
cf-bgj: minify

GET
H2 200 desktop.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 16 KB
6 KB 20ms
17ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 6606
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAihTYTli9o5iugSW9PCBwo3GVLNLmnKvLmpFnbIP%2FFgl0LZ7da56fbaWsXHGVsueic6Y17zpRtR3nsnDxrakhydQ6t3ngKn2PscEkAQBF2o6vXd30BQTOWVzvLsqRQRRlV6bgX8loCBh%2Bjli2EqLco%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc55c50-FRA

GET
H2 200 live-search.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 20ms
16ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 6606
cf-polished: origSize=14601
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBU1y0xyuK9MzdyOtfx6CNbdXMw%2BfdFUPOPsZ7cZEzR%2B3UMGOrduQxYNt9G9ze9Fp%2BjK%2FJfSgzpv%2BoHdBlm7yrQAxI2FOn8YajixREqRd%2Ft4NZ4Lb3WGSSkQfu6n8c7XPO6PgCFPaywNGLPSS78zuRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc75c50-FRA
cf-bgj: minify

GET
H2 200 single.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 448ms
444ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab9%2FbDHVbNQFzNAfx%2BOrovpiIiMQbmKWuMlTPeWhyYJIrgVWLEHlrz4f416FC8%2BfQ5Caax%2FPvysTuu%2BAbWG3gQzffYCCV1W5cHleOOFAjVXfK2xfSzCRWDdS7BIYtsV%2BbNOuEzjgb%2BakbYZv1um5hkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dc85c50-FRA

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 3 KB
1 KB 10ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/comment-reply.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 03 Nov 2022 03:46:07 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 1 KB
719 B 10ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 03 Nov 2022 03:46:07 GMT

GET
H2 200 br-news.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 448ms
445ms Script
application/javascript 2606:4700:20::681a:842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
cf-polished: origSize=5594
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJheq7rg33MOqN%2Fn4IAtBwBonuUrswkWCwCy9R82Nk2xKZS2JBo4Q1NEBJTv7xhketWTIlmVzSrtlzi5mlQJ9Hgc0S7svtgkRIqNm7c6Lv2KkxKkGJyC3rkE362bE2%2F2UPJkW%2Fc7bi%2B3PSiIFjwRQ%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a829d1d4dcc5c50-FRA
cf-bgj: minify

GET
H2 200 e-202144.js Show response
stats.wp.com/ 9 KB
3 KB 27ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202144.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 24 Oct 2022 05:44:33 GMT

GET
H2 200 thetruedefender_thetruedefender_sticky.js Show response
cdn1.lockerdomecdn.com/embeds/ 1020 B
1 KB 85ms
11ms Script
application/javascript 2600:9000:2057:d800:b:6268:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d800:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 5SJgwcOSQVDADRfSedXeHumqp.bTbaay
via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 16:39:44 GMT
server: AmazonS3
age: 80745
etag: "5bc9056f1e2006913082934b4e7f8720"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 02 Nov 2021 05:20:23 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1020
x-amz-cf-id: imSfNhM1mfxBNVbhTG2CknSJHZjkJ0C0hi8I0kR8A_iEClYeAMasSg==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 86ms
9ms Script
application/javascript 2600:9000:206f:1800:a:cbb7:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1800:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:04:09 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 19:55:37 GMT
age: 6157
etag: W/"14f4-17ccd9f3bff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 0NxrCeWvXQQ1NNfGX-h92TrSV-2ahsZ3sxmy0XqBkETDIKOii3pNvA==

GET
H/1.1 200
OK TheTrueDefender Show response
xn--r1a.website/s/ Frame B624 108 KB
17 KB 213ms
53ms Document
text/html 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/s/TheTrueDefender

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

9ab713c4808b14a9833a5224815508ae311222528bf5d4d3be0c7906cb1318d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Server: nginx
Date: Wed, 03 Nov 2021 03:46:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Cache-control: no-store
Strict-Transport-Security: max-age=35768000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 63ms
21ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

d2601de99d171f4eb71a0dfa4c118703fd889e63fa6eacb00245eadc3fb30686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1032 / 144 of 1000 / last-modified: 1635890752"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27255
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 11ms
10ms Script
application/javascript 2600:9000:206f:a200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:15:22 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 649846
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6dR_pD3fNh0WfvxGnS_mLulJODsWfB82OZ_aF46w__vxK4g-DAzBMA==

GET
H2 200 Untitled-18.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 64 KB
64 KB 31ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-18.png?resize=390%2C220&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

37e6a588d4af02cc12d4df410a025801d95540ba12819ab33aed491854314dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 03 Nov 2021 03:46:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 21:14:39 GMT
server: nginx
etag: "1d3004c4045e6b1b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-18.png>; rel="canonical"
content-length: 65748
expires: Fri, 03 Nov 2023 09:14:39 GMT

GET
H2 200 Untitled-21.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 79 KB
79 KB 41ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-21.png?resize=390%2C220&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b63142ffd137bafdfb2edfc236470f0dd20e94fe6dc0d514d4af1590e5a86d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 03 Nov 2021 03:46:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 23:03:37 GMT
server: nginx
etag: "63abf7c37bc8c266"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-21.png>; rel="canonical"
content-length: 80484
expires: Fri, 03 Nov 2023 11:03:37 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Nov 2021 04:08:28 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1890369962&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ul=en-us&de=UTF-8&dt=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1191891208&gjid=359142725&cid=482854627.1635911168&tid=UA-186892928-1&_gid=968910877.1635911168&_r=1&gtm=uar&did=dNDMyYj&z=1573820660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 43ms
14ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211103

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015964ab01e4bd0a7384e8ac665f75be9388c6810a696c443051a6395d7c36fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2706
x-jsd-version: 1.0.1149
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6a6-SzBe9d+ve5MAE8Zyq8jWujkfGBY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a829d1e1db26919-FRA

GET
H2 200 pubads_impl_2021110101.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
118 KB 16ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110101.js?31063401

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120683
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 08:35:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 150 B
128 B 32ms
17ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

b9b119103a6c75308bbc9ba8dc606a095dd200104de1398912c0ba8ad33ac305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK 13997836195017830 Show response
lockerdome.com/lad/ Frame 3A39 1 KB
2 KB 468ms
122ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 03 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK 14009642120598886 Show response
lockerdome.com/lad/ Frame 690D 1 KB
2 KB 473ms
128ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 03 Nov 2021 03:46:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B624 4 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 02:35:37 GMT
server: ESF
date: Wed, 03 Nov 2021 03:46:07 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK widget-frame.css
tlgr.org/css/ Frame B624 67 KB
15 KB 341ms
254ms Stylesheet
text/css 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/css/widget-frame.css?47

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

23695860a414cbbe4eb223a9ef31f944a10eb43953b59b5eca3e069ebf3db31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 07 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK telegram-web.css
tlgr.org/css/ Frame B624 21 KB
5 KB 224ms
137ms Stylesheet
text/css 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/css/telegram-web.css?19

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 07 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK biPRL19NEjtygHnvyN7oKHzxpKO2VWho--iuTNjF98UnOVfezYBCuvH48_jOrVDkNzhVXvz14Q2-2R9BNvG5hu_ln_Z5v_PDj8KkSguQ-44YWLSFqn0dic5uTfoQ-YylBct6_GKVtilUKYCfX7IrNJlqmLsotpTbJUHGvxGESXCPa1y6JjZVZVU1WWuIpC9kQ7PEY...
cdn4.telesco.pe/file/ Frame B624 14 KB
15 KB 140ms
53ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/biPRL19NEjtygHnvyN7oKHzxpKO2VWho--iuTNjF98UnOVfezYBCuvH48_jOrVDkNzhVXvz14Q2-2R9BNvG5hu_ln_Z5v_PDj8KkSguQ-44YWLSFqn0dic5uTfoQ-YylBct6_GKVtilUKYCfX7IrNJlqmLsotpTbJUHGvxGESXCPa1y6JjZVZVU1WWuIpC9kQ7PEYjwnBIi3zNtaz5ZXJ3IxanFe8wRPyJh00h0tUhYYYHUMaCjbo9JJ1sxANOPZAE04RvkYe-IgHw4SUZ1IQcXeLgW2F9CfiyXz6GN4zayihSp93Hxr3fo5UTWLq47jVAXFeVieZeAOoWVbpUlJoA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 14470
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-14470, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK jquery.min.js Show response
tlgr.org/js/ Frame B624 94 KB
34 KB 199ms
199ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/jquery.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 07 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
tlgr.org/js/ Frame B624 96 KB
28 KB 228ms
228ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/jquery-ui.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 07 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK tgsticker.js Show response
tlgr.org/js/ Frame B624 14 KB
4 KB 193ms
132ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/tgsticker.js?24

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 07 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK widget-frame.js Show response
tlgr.org/js/ Frame B624 82 KB
20 KB 288ms
198ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/widget-frame.js?51

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 07 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK telegram-web.js Show response
tlgr.org/js/ Frame B624 11 KB
3 KB 261ms
166ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/telegram-web.js?10

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 07 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK count.js Show response
thetruedefender-com.disqus.com/ 1 KB
2 KB 36ms
7ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender-com.disqus.com/count.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 177
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 01 Nov 2021 21:23:57 GMT
Server: nginx
ETag: "61805aed-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: ymhepL14CTrb9LcL9_GFCN193h8VVTxBS0KUKRIVBRV8QrvCUEBHSg==

GET
H/1.1 200
OK embed.js Show response
thetruedefender-com.disqus.com/ 74 KB
24 KB 187ms
158ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender-com.disqus.com/embed.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7db2f03af35fd402061f0935eba0eea487e765b7126e2de7d2a998fb090d479f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router_gunicorn
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24533
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 7ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=189343063&post=34699&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&fcp=1474&rand=0.9187359600948328
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Nov 2021 03:46:08 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 sjs.js Show response
cdn1.lockerdomecdn.com/embeds/ 17 KB
17 KB 8ms
8ms Script
application/javascript 2600:9000:2057:d800:b:6268:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by: Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d800:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: .wYtctBP_XBnIa5iny.dScquLAjeZQyF
via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:45:53 GMT
server: AmazonS3
age: 5884
etag: "4b1238444af4e820876b6750a0d87dbf"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 03 Nov 2021 02:08:04 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 17533
x-amz-cf-id: HTO8OdDfYP-8rP9Q_AblePUs6eI6Yc5nYvKhxbuFkDOjqSRa7UQvuA==

GET
H2 200 entities Show response
users.api.jeeng.com/ 184 B
643 B 205ms
189ms XHR
application/json 2606:4700:10::ac43:264e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=4.8&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F
Requested by: Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a015c01558367aaf8c7f7f01dac77bd83041b6977bddae75532bc9bbd2543421

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
content-encoding: gzip
server: cloudflare
etag: W/"b8-5y5gV4WeMpe6S6PvB3Cpmt7j5yg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 47b41d2e8b4683ec6c7ca07fe5ba6250
cache-control: max-age=3600
cf-ray: 6a829d20aeda5c32-FRA
x-amz-cf-id: i2OYbkz17ZpX5_Lt7PEUVaiwJbAKjjh9EnStQllF2bP5aiwWE1mGMA==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
943 B 48ms
19ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471303
x-amz-request-id: txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2: txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified: Mon, 18 Oct 2021 08:01:51 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vc470kHAMszg%2B2JpC90VB1ICjwj1wS4xTTzGBy2FsVQp7tfDVS1Z7I%2BSFeErUxJDrtyCjoufg77ZUax3X1g8gl8RxP%2BsArBl9zpo34HNEhRvDKJT5lde2Pj%2FOcHop7Z43Zz%2Fd9FgRWpvZGyZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1634544111259554
cf-ray: 6a829d20bd6ec2a9-FRA

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 66ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=38360140737
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:07 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
367 B 61ms
30ms XHR
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a829d20c8296987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 341ms
111ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 65ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 172ms
95ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 63ms
16ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

df923a26f3910e55eb879b3ab4a719a2bafb652dcf1b9c04395ad625d45faf21

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 77c85eee-09d9-4056-b9b6-c034a276131d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
172 B 303ms
110ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Wed, 03 Nov 2021 03:46:08 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
338 B 211ms
166ms XHR
text/plain 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a829d20eca10ebb-FRA

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 945 B
2 KB 144ms
70ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 410496480e4dce77b2305cc51fc7445c74d486605957655f41b60ee3028f04b3

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b10%3b79
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 51ms
8ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 56ms
15ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a01010f4da8ada0195146fe8ecafc42c9c8b1f0e2db5a94e3906bb22189e88a2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e679e911-5e80-497d-8e7a-78e3079cdee5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 e72a8036daedc055e34e45e4989680b2
secure.gravatar.com/avatar/ 36 KB
36 KB 48ms
7ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/e72a8036daedc055e34e45e4989680b2?s=140&d=mm&r=g
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f41cc4fab403de9d228f97f48da9d1985a2a00307ec22f09cd7f7b1e98470c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 03 Nov 2021 03:46:08 GMT
last-modified: Sun, 14 Feb 2021 20:09:30 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="e72a8036daedc055e34e45e4989680b2.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/e72a8036daedc055e34e45e4989680b2?s=140&d=mm&r=g>; rel="canonical"
content-length: 36776
expires: Wed, 03 Nov 2021 03:51:08 GMT

GET
H2 200 Untitled-19.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 185 KB
185 KB 8ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-19.png?w=703&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

804edab225f50363a8d2d5debbebac673353395388269e4213346d6b72828a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Wed, 03 Nov 2021 03:46:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 21:14:40 GMT
server: nginx
etag: "23b76e5e1736e046"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-19.png>; rel="canonical"
content-length: 189450
expires: Fri, 03 Nov 2023 09:14:40 GMT

GET
H2 200 Facebook_New_Logo_2015.svg.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 3 KB
3 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Facebook_New_Logo_2015.svg.png?resize=220%2C150&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2f5159a5a4567c1c1a7406088ac84919717d451a166953ee0eccad89d65151c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 03 Nov 2021 03:46:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 03:04:42 GMT
server: nginx
etag: "6c5c65d6622e6361"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Facebook_New_Logo_2015.svg.png>; rel="canonical"
content-length: 3104
expires: Fri, 03 Nov 2023 15:04:42 GMT

POST
H2 200 bid-request Show response
rtb.adpone.com/ 768 B
989 B 81ms
42ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121725125956429&gdpr_applies=false&consentString=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd447e8093041ec5487dd81649b6eca2642464d3357d115ba7532eebe9dd855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSPlpr0UY3YgZZ0PqcOkq5X7%2FNmqNAzm265CkOYOKXai%2BhnT6dxyteIxYyzsX5hI%2FfMJsnIzqAMGFZ5KRJfxYgTpJ5BejecK6RKmRypKKEegqy8GHqywahINSxuGmlKSpE5vKzral1N6v52F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a829d20eb19d711-FRA

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
132 B 295ms
258ms XHR
text/plain 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a829d20eca20ebb-FRA

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
275 B 120ms
58ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
20 B 290ms
110ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Wed, 03 Nov 2021 03:46:08 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 58ms
26ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2763b6b135badda78c1646d336e83da1faa0d200290bbf4106b552fcb64f68c2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 71314e45-8a99-4889-a652-1b95946bea1c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 989 B
2 KB 131ms
69ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e80d5392b96d4b7baa52d6002ae2c9031ceaa5b2734dbd06a6f6ba17fba9dea0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b5%3b76
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 43ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=43300032586
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:07 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
37 B 46ms
38ms XHR
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a829d20c82b6987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 320ms
112ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 37ms
8ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 43ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 114ms
82ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

01f33379002ab450c9b1438038e921c12d134e1c337b7ba88c61793dcd5efcdc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0012716a-b60f-479e-a62f-48dd862a578c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 14447308783736934 Show response
lockerdome.com/lad/ Frame 0A6D 1 KB
2 KB 133ms
132ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Wed, 03 Nov 2021 03:46:08 GMT

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
133 B 354ms
353ms XHR
text/plain 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a829d211cc40ebb-FRA

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 261ms
111ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 15ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 844 B
2 KB 147ms
87ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: fd45d8c89df8b3a1d69431e2d09284cf2964581415239fc2d340f2a4cea73aaa

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b20%3b67
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 226ms
111ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Wed, 03 Nov 2021 03:46:07 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 349ms
48ms XHR
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a829d22fbb06987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 9ms
9ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 54ms
53ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 24ms
24ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f6a3cc344659205cdf280b9173c4e1d1ff1d21f3637d1ed5b021d00ed8eb7924

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2b791141-0d60-4aa9-bca5-48f333d5348f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 13ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=15829732712
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:07 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 24ms
24ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

7645bb69411d19317f374ba4f6d27b8e5e6834d48e4013e2a8a47bce331d4c78

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cdcd4090-9a20-4547-a6d6-1316b9724112
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 75ms
26ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31acb5a1bfd3279d02d72ee15f789cf17d5a3b7aedbccfd69c7fd0c9231249f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411595
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx3f59b4c38b1e4961ab5b4-00617bbe35
x-amz-id-2: tx3f59b4c38b1e4961ab5b4-00617bbe35
last-modified: Tue, 26 Oct 2021 12:44:37 GMT
server: cloudflare
etag: W/"8ec24d7d5eb122de640bbbbbdef4b039"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pYrOL5pibq5mZlpiLdNADCDfgJP1Y1cOamWpEeBe9LBQ5w0MvupJ3FCxd1ZDe%2BmG6m5%2B%2BE0YgWlPktyHlCdjBXMaWOIddFtJF5Pb4TDDKZC1V6oMCB9ASO2A10XuC5ZM8hjyP6qmzm88TrU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1635252277188299
cf-ray: 6a829d219b6e4e3e-FRA
access-control-allow-headers: Authorization

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 16 KB
7 KB 145ms
98ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b23622b123493be701aa3dc1770b2702145a2ef9172368a407c7c2b980b19840

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b11%3b87
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 29ms
28ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 319ms
44ms XHR
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a829d22fbb16987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 33ms
32ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d9d3b25960c2c0d0cdfd36f4e5951990cbd116204622bdcb13fe8ad839a38300

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f6fc9d60-878c-488e-ba9a-1a708a661439
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
133 B 191ms
190ms XHR
text/plain 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a829d214ce40ebb-FRA

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 48ms
47ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
40 B 196ms
110ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
x-nbr: 1
date: Wed, 03 Nov 2021 03:46:07 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 33ms
32ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=77786606588
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:07 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 227ms
110ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 33ms
33ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

95f7f517e7dcdf1370d5b560b6c462c344587a364743fc2242a3a6d6f38dd4ff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 34176da4-840b-45c5-917b-56a21a76d8d6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 33ms
33ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 3A39 45 KB
17 KB 100ms
32ms Script
text/javascript 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 87
date: Wed, 03 Nov 2021 03:44:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 03 Nov 2021 05:44:41 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 690D 45 KB
17 KB 131ms
63ms Script
text/javascript 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 87
date: Wed, 03 Nov 2021 03:44:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 03 Nov 2021 05:44:41 GMT

GET
H2 200 lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 169ms
40ms Other
text/css 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31260
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26057
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-65c9"
content-type: text/css; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: UigRbOhMJQVLLCoL9bsVsdPC2N_9M018EfgNCRfNGw9dcl64oVMU6Q==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 0
93 KB 193ms
66ms Other
application/javascript 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738038
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: sJDtPEkJt75nM5uZIj7gKsMXeHY-ynGU7ChKKcjMb0V94CnlX1eaog==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ace98c1ec418cae085455f6914352928.js
c.disquscdn.com/next/embed/ 0
119 KB 240ms
113ms Other
application/javascript 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ace98c1ec418cae085455f6914352928.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31260
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 120848
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-1d810"
content-type: application/javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: hY8nWtzR5-thH43HzQdATdsnAhayLzjWNa_d70WZN45_TcthKqwqlw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
14 KB 89ms
23ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 13582
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vaIC57p2USyrdgmZ2Ko7DmPX3VVm9f4lgR7iNGs1cPCdy2UaasS6-2msAKRjkl0wDC6dXtkbItHgAtMHEfYGXz_NxduY_IHA_Y-XVciHqkY0XeVz0fOSal_B3D4zBwkQxZOscZ-_PM7a4YfNkHFJ3TBgrKWosBEIPEhWoyLglsc21jdJX6uxAP0rPId8YqQnmrb5K...
cdn4.telesco.pe/file/ Frame B624 98 KB
99 KB 123ms
56ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/vaIC57p2USyrdgmZ2Ko7DmPX3VVm9f4lgR7iNGs1cPCdy2UaasS6-2msAKRjkl0wDC6dXtkbItHgAtMHEfYGXz_NxduY_IHA_Y-XVciHqkY0XeVz0fOSal_B3D4zBwkQxZOscZ-_PM7a4YfNkHFJ3TBgrKWosBEIPEhWoyLglsc21jdJX6uxAP0rPId8YqQnmrb5KJlT3R27gIZd4cDtkcv-_la3Dbv_npR5YxzAY-o67wlvIvQIXXdg5ywPG6vuar_4yGNS5QpzeCmUqvm2rla0G_xQh1sMevH7DQiH414mY-KBwB7n1_g7sg0B5UgB-MdHNe9isDyrTvQ_DZwkqg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3e32dd5f51c877408019caff9857888020ce7779f99bda59d10d113f7604c0b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 100841
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-100841, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
DATA 200
OK truncated
/ Frame B624 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Ipe_XEWkkpiMU_IL9cfcun8FJ1uMeQkLeX9RKRAKiGcLvI9y8pCGDhNQsJBwk0Xf4sFFJatl8LRaYmRu9UVhLG0X4SG1nFkQV5M8BJsIwnecnZ1urWzbbgKuLsxxZQWRIy0_bbUVPlIDfYOrGJdrOgh91S5YgklgWR3GJ-PvldDw2XPCPtiAdfPjXUNOJg1fWgcOj...
cdn4.telesco.pe/file/ Frame B624 56 KB
57 KB 122ms
55ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/Ipe_XEWkkpiMU_IL9cfcun8FJ1uMeQkLeX9RKRAKiGcLvI9y8pCGDhNQsJBwk0Xf4sFFJatl8LRaYmRu9UVhLG0X4SG1nFkQV5M8BJsIwnecnZ1urWzbbgKuLsxxZQWRIy0_bbUVPlIDfYOrGJdrOgh91S5YgklgWR3GJ-PvldDw2XPCPtiAdfPjXUNOJg1fWgcOjCNCQAuC-sGIsBTqVfduRx1ayywr0e_prdSk6tKm0wMtlDdpFevtSHyGVwcx7qjXINc1yvueB0K2rUfEjwokyv8qGQIDA94er0VEuTUT014WazCqHOdcOz9gQmRm9pUbOt4sw6fVfN83R2xXng.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3ba2c590c10398cdd1488c24d30220c44e4faa04eeaa2d874a14da5d550b7b18

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 57801
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-57801, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK HNLbpxdG3o7o2EK92p3Huz1fooYXVMRjzZCZH7i30VTeUGebVvQITkDZF5uVH254BKN1QskDmkVci3IA25U1otGSQv54YAqc__A9CVpF-K1KED8Hk4yO897XDU8VAR_GBP8ZSbZxgsWsKohVCEQyxGbl0_CXr5s46ZUXRYFRxgCZ9rwV2qH0hx-TyxBrxGP0w6l76...
cdn4.telesco.pe/file/ Frame B624 73 KB
74 KB 122ms
56ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/HNLbpxdG3o7o2EK92p3Huz1fooYXVMRjzZCZH7i30VTeUGebVvQITkDZF5uVH254BKN1QskDmkVci3IA25U1otGSQv54YAqc__A9CVpF-K1KED8Hk4yO897XDU8VAR_GBP8ZSbZxgsWsKohVCEQyxGbl0_CXr5s46ZUXRYFRxgCZ9rwV2qH0hx-TyxBrxGP0w6l76Zh1KjqLNbYrc6ZyA4UzmyKxT7xmi-C8C6XMoh9yBWGHfWATTn_ctFxdJ8U0pfxyLQfxR_MwXZk4R4tG5W7HTpg14IROfcDaOtCQn1ImeckqsvC8RNlkcHK4iJ-93G7_ttg6S43LVhpjZZWVig.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5ba4f5a677d6ea902838fd0129ecf4bf43b6b9f81b266b250e932ae49f1d9564

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 74825
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-74825, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK QQlrtIK9LhD3a6zfyewwR2WESt4iqbzYoowwpNjLF0xUwZQutHuoUFpAJtfCLNJYpdYe9Wb6bxIWiZQ0EGu0qCnySGZifB2bcT9KZ4uLLsZ-HwYPmvb41kdSvRSjweO2zZtRGMaRr29iOxR3iBuT7Nw0ImrjPYH7p8qsmazFokUc9jjgKDoDiX5RFT1a4gd2w1jYU...
cdn4.telesco.pe/file/ Frame B624 47 KB
48 KB 126ms
59ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/QQlrtIK9LhD3a6zfyewwR2WESt4iqbzYoowwpNjLF0xUwZQutHuoUFpAJtfCLNJYpdYe9Wb6bxIWiZQ0EGu0qCnySGZifB2bcT9KZ4uLLsZ-HwYPmvb41kdSvRSjweO2zZtRGMaRr29iOxR3iBuT7Nw0ImrjPYH7p8qsmazFokUc9jjgKDoDiX5RFT1a4gd2w1jYUwJKkZqPSu7_2FB_N5lLeyvQ8p_iwhXmuvW2eV8NxtBXRjR3Busr1zrRHmGpHw_nA5y5Lsf7BnlKjQHO_AIHRsONZnA7zz6t1gOGyMWXXRZulBtRkvcnEcZXJpzXzZNbO44Sy_qrlsNxeLRPIQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5269b569fa0528a8a3b2ab46ab09447408391e7287f03c6a8523fcbf7239f3b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 48634
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-48634, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK v5rXmLa-dpmCD5R0klNJpf5KiYQ4RpEeSY1h2APb4UzIxo6o5SMr_X6zK5riHzWtzB3uJ9zUW6RsXpgVwGRGRXR0BKsmLxUVEGFRIWUX_tbZBLFKUdDJDVFePVLh5K_dZ3NdbwFz7fd8bOI5pY3YQQ8mYrrdYxSEcgYV2gCLb_FQF8ppyyeAg2ocjJpBh4pKzht2b...
cdn4.telesco.pe/file/ Frame B624 81 KB
82 KB 137ms
70ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/v5rXmLa-dpmCD5R0klNJpf5KiYQ4RpEeSY1h2APb4UzIxo6o5SMr_X6zK5riHzWtzB3uJ9zUW6RsXpgVwGRGRXR0BKsmLxUVEGFRIWUX_tbZBLFKUdDJDVFePVLh5K_dZ3NdbwFz7fd8bOI5pY3YQQ8mYrrdYxSEcgYV2gCLb_FQF8ppyyeAg2ocjJpBh4pKzht2bdfLnNu_LlZKnKHFLs4b1sqh5plIWLdUfbJUWTqzYwGSvz2ZioFeM18Te5_KpGJHkqHOt1po51pySOr2zzpOo0JOn0Ij1yGEBYNSyWfqwz3mE4P_OR2ZnGCwBWPillqpse_Qepf-GHw1eOqMqA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d859402073416136cd706c883ae28bb041a61c6f6ff181e0ae9c06ed9631d82e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 83343
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-83343, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK frpj4iFvh0GfC1CSObq5NbLXz2AQbb57GpSSUebYg-cb-5rSKozJSd15jTQ8aH8k0a7Ug5u0T-2IgplPKTM_KBeA_Cq5HV_kdCtSBg_ceZFE--HYUspLTVOqlSQjgysBGul7COXsvNEKnRSNlUEBjoZAfXU-tFUw2Bbu06wGb8uf3E5auPsoVy20BOthv8dYA_gF5...
cdn4.telesco.pe/file/ Frame B624 26 KB
26 KB 47ms
46ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/frpj4iFvh0GfC1CSObq5NbLXz2AQbb57GpSSUebYg-cb-5rSKozJSd15jTQ8aH8k0a7Ug5u0T-2IgplPKTM_KBeA_Cq5HV_kdCtSBg_ceZFE--HYUspLTVOqlSQjgysBGul7COXsvNEKnRSNlUEBjoZAfXU-tFUw2Bbu06wGb8uf3E5auPsoVy20BOthv8dYA_gF5TpxzU4Vb9KSwvPmUraqY9g_mt5SiewTlOrd30YJ65B4OMNXA05N1ekGFC3V_weNPv29zZeBJMQuVuHm9mcOQ2ZW6zCwnmM-4y_qrxFJXcGLPd7QON80-lfIkSRHEq7aMLoFoXfesw2h8mXm8A.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

c74e03c5f06c7a777111870687ac13741bbe623067bec980374ba3d668904311

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 26255
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-26255, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK IcRhvKKAewNUfCCnLQC3u6NBEFu3zaZg7zbhizvmqBal4R9MRkyVGhciHfgEVAaWt1D7sYK41Do0thAgVWEmsxxHgN2aFXQFGPSYnXbgbdG-wS7aGCYsVBWbmcPtisGMw5z44wcp6Ox7cHoDalVkNsa5T0g4OsYrWLqzaKFxiY7U7S_d4xnrUXLz0Tgn17tmA_8mh...
cdn4.telesco.pe/file/ Frame B624 36 KB
36 KB 28ms
28ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/IcRhvKKAewNUfCCnLQC3u6NBEFu3zaZg7zbhizvmqBal4R9MRkyVGhciHfgEVAaWt1D7sYK41Do0thAgVWEmsxxHgN2aFXQFGPSYnXbgbdG-wS7aGCYsVBWbmcPtisGMw5z44wcp6Ox7cHoDalVkNsa5T0g4OsYrWLqzaKFxiY7U7S_d4xnrUXLz0Tgn17tmA_8mhEM_Unkt-dy2svZ7CxbjUtjfjHhOX_kYRYGtd66vpr8zz7HulUe3DDlLhAUanQ5u9V8YNBG9VaVRDGogNUcG_G9IcEYEt6OdG_naAXoTKoBL1kTYncICy4W7CxthHQQQNmA1hUQxFFxCNeozVw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7ed7991567af566628cbb8a721f6a4eac1d43220eba83867a6b4360b0cb490f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 36598
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-36598, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK ovadIUsez9FoVnhuzwKepFP29xfvaq353BllSA6hgGdnCxUq1Qmdt76sW6t924MJomto4rOANklZUTINeayIVvmhQD0FQxLpl0LQ-Cwmu5llbDdJMrsUWGYQ0VkpHRHs4T1S4F5YFjbBXJ5NW93zysAx39vLP1VahyU8Fp8izEyoyoqCB5M0JusrUEFSfqhUSbgoo...
cdn4.telesco.pe/file/ Frame B624 48 KB
49 KB 36ms
36ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/ovadIUsez9FoVnhuzwKepFP29xfvaq353BllSA6hgGdnCxUq1Qmdt76sW6t924MJomto4rOANklZUTINeayIVvmhQD0FQxLpl0LQ-Cwmu5llbDdJMrsUWGYQ0VkpHRHs4T1S4F5YFjbBXJ5NW93zysAx39vLP1VahyU8Fp8izEyoyoqCB5M0JusrUEFSfqhUSbgoo4xjY1ub-_bAwysQ4zctoF1tk3cfzBE0iqhtyZsxaQZzMbgqa1L5VyCwApLrpOhd1u99IS2RqhfXjhifrCsbasHitwbBlvzHNwMUPrpuAZt1E93x0IjwexOnD0qjODAsxulStrcag5hqtB9SJw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

50b8c8186c42f2c359478833bd354794e1025cfe16665c6348d7a9256b5280c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 49582
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-49582, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK So0rjD36AaTG1YKFdzlvRUtZBII7anjgSCHAQHWJ1XNZfC_jPp7WSDgnKUzFAWwOxzefaoeOwCLXQYTh7i5oA3KAodCNV27iFumu7rCdzyc1EXv6G-GZXqq-9MvSKwtzVSgs91kFue2fCeuzjAHyqOJWi6S_LAt7xd73xoB9Ztu1o8Ya83vvsiyAvlgULPYhPZ8P3...
cdn4.telesco.pe/file/ Frame B624 28 KB
29 KB 30ms
30ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/So0rjD36AaTG1YKFdzlvRUtZBII7anjgSCHAQHWJ1XNZfC_jPp7WSDgnKUzFAWwOxzefaoeOwCLXQYTh7i5oA3KAodCNV27iFumu7rCdzyc1EXv6G-GZXqq-9MvSKwtzVSgs91kFue2fCeuzjAHyqOJWi6S_LAt7xd73xoB9Ztu1o8Ya83vvsiyAvlgULPYhPZ8P3qvW5ZJn5vWpLLkWGKa2e5C95VQSbiD2MM2oXpYZ6MBGZ7izFbwcG6h9GMH-WdYJWoMXW_kp8QdaaSlG_2-EBgrlF3WANA1XBM2cC2YVwo6tzTJhfKs7pSkDQrBGrI4BhOu76VQNc7HZHDI5OQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

a83ff5c86bbf59b15b43075985d9afe76aa9fd4d00d15e44964ef45b9423bbf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 29089
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-29089, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK pjs9mUuoYnxDG3qsNMnCi2SPo8FliZ8Kuj0JkbDbBrOnZGv4_cSnm3SdVLsn8r0rP5QqqU7pEOH5Qfwul2fUH5KFPwRU52pRzp59Jo4dm-T3uyW1R1mBnOGAQyV9Eo4Jl8T5Tz-jbpseRvsJRwG4zx2KKdFhFu7q2nQloEoyOT-rj7HgaCBOhNNXbl21x6X0plFGi...
cdn4.telesco.pe/file/ Frame B624 28 KB
29 KB 32ms
32ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/pjs9mUuoYnxDG3qsNMnCi2SPo8FliZ8Kuj0JkbDbBrOnZGv4_cSnm3SdVLsn8r0rP5QqqU7pEOH5Qfwul2fUH5KFPwRU52pRzp59Jo4dm-T3uyW1R1mBnOGAQyV9Eo4Jl8T5Tz-jbpseRvsJRwG4zx2KKdFhFu7q2nQloEoyOT-rj7HgaCBOhNNXbl21x6X0plFGiXHXhmxiIcbJmxrWGTWPEMmGD8QYtcs_kW0luTyQNj6BbgeT_K7G7qGWch4T4iSN6qH2SYM30HLonVF_QLK5mr69pYp0YNwUiC8LIZXxpeAwUvxvIpVgEHWgiOe0Nb1cFSEcAqyq9AvtM8JoEA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

bb21eb96cfc09caf55334305afc860381c000fd87d7e078731e535fe8e31c767

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 29166
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-29166, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK I7TovIU5LwwzlXBRVr_wNwsXG1Yz4yI2M5VdkJrsrkSjuVxhAjb2bXZmZ7yXQLxi-8lwJw2GQSWJ_8IPP_hWTY7TRpu-DHiVRj1ntbzd2IjWqcoPxxhaARgaWrp23holywFHLq0paitPCqzeNg97QYrKe182sIA6jqZG5OkIVDrn8-jhzTv_VoYspwXA_oqDPQtd8...
cdn4.telesco.pe/file/ Frame B624 61 KB
61 KB 40ms
40ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/I7TovIU5LwwzlXBRVr_wNwsXG1Yz4yI2M5VdkJrsrkSjuVxhAjb2bXZmZ7yXQLxi-8lwJw2GQSWJ_8IPP_hWTY7TRpu-DHiVRj1ntbzd2IjWqcoPxxhaARgaWrp23holywFHLq0paitPCqzeNg97QYrKe182sIA6jqZG5OkIVDrn8-jhzTv_VoYspwXA_oqDPQtd8PxXjXU3QwxtkOzZisWKyuKvBlXoVhg8OM2tizDul_CSAycCTVuxUE-ZH-XiuqvAsEbnR3Z5M81UA5bs0-MdA2VkbWSnLdRUbCg-VJJtvvb95TA9MQG2RY7CQ1Dw_Gz33DFRAldZfepTQmcCIw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

680f8ba0bf1c44518c2fda751b21aa0edc7c29ef0e7bead7d00a44a14b5d5b13

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 62012
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-62012, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK AVSToewKVHEhpPhhEtgV26I7fyuR7N4zIyGpsjJoFXccmUMqpfCsKzNYAqaWStu-KGOX0f9ZKratckdFnI-t44C9cXH82pYJ1kLh3GfDux_WziHuKOJMv7qtV5aZ63KIQnEm0ureGH_pUGf2lZp3Hi-YzIb5xfkKP0qMnTzWmxsTqGfxjRj52LexQD7K8sgPRKn8y...
cdn4.telesco.pe/file/ Frame B624 43 KB
44 KB 34ms
33ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/AVSToewKVHEhpPhhEtgV26I7fyuR7N4zIyGpsjJoFXccmUMqpfCsKzNYAqaWStu-KGOX0f9ZKratckdFnI-t44C9cXH82pYJ1kLh3GfDux_WziHuKOJMv7qtV5aZ63KIQnEm0ureGH_pUGf2lZp3Hi-YzIb5xfkKP0qMnTzWmxsTqGfxjRj52LexQD7K8sgPRKn8y0kJOiQLn4QHYBjekxhk5eFQ6yYP49aCIdhQQPv4C3212jx4egEfx-rkLeeTwZQU2tHNblbRGh3FgsYKJCxXoM4b-B1F51nlnP_Rrxkjux3aNzJHWxpwUfip-gNNrxMzacHk_-KtKyeRL4Tlbw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ea17bb1ebafe95c08e86f3826d788a91ea35bba8e05caa077f1f87ca546e8246

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 44496
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-44496, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK D0tc0wEoWUK_f1wizrwEIii-ZkS_W6_Hb_ymMT0HMKU9mUYZ87ccn9GdKMqGaAabdel6hymGwzLZstMx2m9hVVHgjzQw8ZlzmmwU_n1X8GIz50YLB6N9dDyYRRTWAiKjwA_2Sek8R4dbw3Kzjd6-OaQz7wgb8fl1w3ybNbMWaIkih1OfW5pCVjpgJhXHwhUL6nQCH...
cdn4.telesco.pe/file/ Frame B624 71 KB
71 KB 30ms
29ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/D0tc0wEoWUK_f1wizrwEIii-ZkS_W6_Hb_ymMT0HMKU9mUYZ87ccn9GdKMqGaAabdel6hymGwzLZstMx2m9hVVHgjzQw8ZlzmmwU_n1X8GIz50YLB6N9dDyYRRTWAiKjwA_2Sek8R4dbw3Kzjd6-OaQz7wgb8fl1w3ybNbMWaIkih1OfW5pCVjpgJhXHwhUL6nQCHcyYAcsFu4ovYqvRqAwv2RZEcy775EwK6YSwZw61ttQtGd7mvO1m436w75HWRhnNToqN0b2iNcmNeRkzIOIu8ci9spNySgA2VHD91PMLa3Ae1th8CXM2oa3Wrusai0XwwAPpoSBiu9eCDzZhUQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

11988b053ee3e2027e550a67fdd7f02e1f77823726277fa40185652113f9cea5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 72541
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-72541, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK ueACSWefoeyxrcGEzphIysGX4RlbDCe8lAdss6qgQ9WHqIKZgt0-RvfO7Rv203WuHhoABiTNBvuoFxxqlkW-vBcHYoJBnXvnrNzhcZXIlTWZ2oMj5tmvkRiWQ5WcDRBuR2_CPg7yTcGMxARHMcjaGm1qrNd5jFh0Grymt7a3fq5j54qNXqUNYn_33awSPvqRM9gQ2...
cdn4.telesco.pe/file/ Frame B624 82 KB
82 KB 32ms
32ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/ueACSWefoeyxrcGEzphIysGX4RlbDCe8lAdss6qgQ9WHqIKZgt0-RvfO7Rv203WuHhoABiTNBvuoFxxqlkW-vBcHYoJBnXvnrNzhcZXIlTWZ2oMj5tmvkRiWQ5WcDRBuR2_CPg7yTcGMxARHMcjaGm1qrNd5jFh0Grymt7a3fq5j54qNXqUNYn_33awSPvqRM9gQ2awJVKmLPj3qRYXpsKSpGmN2UqTDosXBJDSbkMfLs10RYUrOTAR2yDblFTXw8uUPt97PEy1V_fOSX67v2ZUbvwOhWk8yVwUv0GEb3j7K1086wRvTkeS2it7sX2GHwS36c4kmMmPX4MUktOcT2g.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

6fc1d7688e89f9c61560d6352e37ad58b33bfb2f207b254a614241f826b2928e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 83818
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-83818, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK d-ILUbTyZ66uj-L9YOPzUCaYcsOeDCHH7FEACFDjO22xGPx3QMTbLP2kVkjVfL3MfuQRLTsIavNRTd2g4la1RwtHD6I09uaG9yUY4pldn0XjjUztbKvbCSIKj3CEi0gp9IaQ9FORjX76gZTBRWimEupm6fUcTIcwiok5tOEJLGkZQ5vV3H57M5CR3IjZRzfgIRpho...
cdn4.telesco.pe/file/ Frame B624 71 KB
72 KB 31ms
31ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/d-ILUbTyZ66uj-L9YOPzUCaYcsOeDCHH7FEACFDjO22xGPx3QMTbLP2kVkjVfL3MfuQRLTsIavNRTd2g4la1RwtHD6I09uaG9yUY4pldn0XjjUztbKvbCSIKj3CEi0gp9IaQ9FORjX76gZTBRWimEupm6fUcTIcwiok5tOEJLGkZQ5vV3H57M5CR3IjZRzfgIRphoLxVmCjU5fqKdLF5ZdTCcX9dBGvEQVLvochjLdE1FtFvqadzVWLbN5y7QucsaOUTGLmfqEmFhQBzYtZsBegzN-RvSTqNfLlG6nA4G9dW3LPVul-M-yX2TQH7Z9TYBDEti-UHT4YWM-kW47mkQA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3e9c5e45db2a6da7e3d12f2a1ac2aa24f0631c80bb914595e47548e5b6dc4fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 72890
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-72890, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK p9bDxUbWIb-JBugbIfVeVC3zfU6K534WVDmKp065QFJ-B9t-FI86JhwaQPKkG-4Et3uzm-9y8TU6UGJK556CSBZRhNNRWguN56h0E6_SvCRATZNCddeTiE0l47cpj_Q_Ol08jjJ9VhBN1a3V-wBJbXMRC5Ra4LaObduTSIkliEFCXEmCBzO0ls4vl-1ZGkD61qeRT...
cdn4.telesco.pe/file/ Frame B624 68 KB
68 KB 29ms
28ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/p9bDxUbWIb-JBugbIfVeVC3zfU6K534WVDmKp065QFJ-B9t-FI86JhwaQPKkG-4Et3uzm-9y8TU6UGJK556CSBZRhNNRWguN56h0E6_SvCRATZNCddeTiE0l47cpj_Q_Ol08jjJ9VhBN1a3V-wBJbXMRC5Ra4LaObduTSIkliEFCXEmCBzO0ls4vl-1ZGkD61qeRTQ2pg_AiYA3hIcwtlFvskw6ISIQWReFVAdSkVbefbsB3e4SNfa7PJWftjM6X3HwDoXNeY9lduh44PQYwOfgq8OsgHPufhaAirmLAMxWASMSfwzo6IA-qgcLfC4NskxdDa_iOLcIkQooHr-YGbw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

18a73abf3ef25450a8de83d888954e474257c716355c91c5243dccbf378b958c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 69486
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-69486, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK gHHWXjrtCxOK2yx6ABttPvd5RrM4eSuFiX9RGgvlXFdarGfKCPS-VMAD6Qj6NzYI3IjvC1o0A86ppwP_KSEmrtZtGsaW_G-erbAAuj7QY0MnZoXdEtvdrcFw444xtSDWA-rLg9EMgZjr7tvXgc4m2432YxCG0kcmps6v0c_0B3Lj5vElGp8fbPGKWey1V_2I2E8mB...
cdn4.telesco.pe/file/ Frame B624 76 KB
76 KB 29ms
29ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/gHHWXjrtCxOK2yx6ABttPvd5RrM4eSuFiX9RGgvlXFdarGfKCPS-VMAD6Qj6NzYI3IjvC1o0A86ppwP_KSEmrtZtGsaW_G-erbAAuj7QY0MnZoXdEtvdrcFw444xtSDWA-rLg9EMgZjr7tvXgc4m2432YxCG0kcmps6v0c_0B3Lj5vElGp8fbPGKWey1V_2I2E8mBp_AyFQN8I6cL5Rp_VDpD-Xrtv2A_RLodke5HTSlru1JgK2P--u2kOsVs7yDT-BFct7WzGeiUyJb7c8YTH6B_7Y5p_ZZaQkvVwNAZNi51YYMDnBGRZWCq1yF-eHdYfVdVezlMrGauBpDyEVkLg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5ba0ec0af83cc83420c2fc19d6e29f5e2c3a46f7f33b3738c7d5fc641d87e9b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 77367
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-77367, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK SFpVJChcGabWVgHqMwDh2iXLCD_poValO5SwbWmMbfzB3ww8_fU_sxPABUz57k2W6-TGtVXEez9cbBesP-4xN0NvOE4-oGg_gpGNvoNCDONF41nvHk4MOMUmlkkBDEGpyiwS8G5ipkvKT5AzWrQY-371kt3sz7559lt8m6VCpsTfY4Mi24L1SzcCi6PpUHen3aIqu...
cdn4.telesco.pe/file/ Frame B624 65 KB
66 KB 33ms
33ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/SFpVJChcGabWVgHqMwDh2iXLCD_poValO5SwbWmMbfzB3ww8_fU_sxPABUz57k2W6-TGtVXEez9cbBesP-4xN0NvOE4-oGg_gpGNvoNCDONF41nvHk4MOMUmlkkBDEGpyiwS8G5ipkvKT5AzWrQY-371kt3sz7559lt8m6VCpsTfY4Mi24L1SzcCi6PpUHen3aIquRv8uDzUdDOHKL_WZ-V8TQ5uMgBtkTjhrc3WLksPWT-q0YRVuMXiX6Ma4VF2Ql7CYnUQE7pLIR0KcxvJS4-fQo0varw_uIMjxE0qs3dO5ZELvwExCW86q7h3LB59dyR_LdRZGpQka4T8-vx2Vg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2675b85ba20e9b01d3a1b39bbc108b3d6d2f76d6f1ad405870db5f80e24675f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 67036
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-67036, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK HolF3h-S422F0mB9wEbhHQFkShM7hGcwKkBTrNtzyZBlSOF9Cvql59kX2TAqXhgLmg9cv-1I3BUX5ikd1KkuiKjoXycma-EbP7Flex_cpDBPiBRJVJ3Zqy51Vy77hIiJsgvWI7sFPMSmgWsT0jo5fyeXovM4sUlP-64pLvMdUkGrm6bVmMWi4ahO15xkGz1xzp5rW...
cdn4.telesco.pe/file/ Frame B624 32 KB
32 KB 25ms
24ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/HolF3h-S422F0mB9wEbhHQFkShM7hGcwKkBTrNtzyZBlSOF9Cvql59kX2TAqXhgLmg9cv-1I3BUX5ikd1KkuiKjoXycma-EbP7Flex_cpDBPiBRJVJ3Zqy51Vy77hIiJsgvWI7sFPMSmgWsT0jo5fyeXovM4sUlP-64pLvMdUkGrm6bVmMWi4ahO15xkGz1xzp5rWvRxQWqeCsYApsMXCQ49kuZ3v2IiQl3lc0KWD4dBoGJLABqbJY3FhC-JG7S3dEMe-M0bOEpQuXIwPrQvXeTKkQi-93ZbeP4IoojBErknMaGlawExhEOoxYc11UUSmmgZDpJNvQ7rYTTwwxuf5Q.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5002b8d43a7f9cfabd24e10167b71039b80f9a34fb9e77c51f94a4604c6115cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 32469
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-32469, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H/1.1 200
OK lUDy0hQcYslpPlkr6-wv3XPZATXJ6aw2Zid8aSCMbjrEIIqNACWF3ix10BSquQN9WUrLJ5CWVdRqsOJxp1j5i-ZU290xPNWBzOzrixUR7KG8YZh55OLcerY2HMNWIA8yAQyhYeWdeUfxttrs1W2GFz7ytssFsdhUSW-w-H4FSNWONGl5jzh9V9xpVRnAnTcRAo4FM...
cdn4.telesco.pe/file/ Frame B624 21 KB
22 KB 18ms
17ms Image
image/jpeg 149.154.164.24
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/lUDy0hQcYslpPlkr6-wv3XPZATXJ6aw2Zid8aSCMbjrEIIqNACWF3ix10BSquQN9WUrLJ5CWVdRqsOJxp1j5i-ZU290xPNWBzOzrixUR7KG8YZh55OLcerY2HMNWIA8yAQyhYeWdeUfxttrs1W2GFz7ytssFsdhUSW-w-H4FSNWONGl5jzh9V9xpVRnAnTcRAo4FMKlJMIlJEX29C31Kmo3jXd3iBAvVryE6hyZ-_lKSBmVePzNnzQbH--bW2xOeyTQGcXdpvAhbbqqfxEw1TkJATUbZiJdNui10aIh-CBFcNkWcDyG0n1W6iVCDQO0TPE0tKaw9y1UgE4ZFPM5ihQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.24 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3ff06a01fd3406fbe5ed6fcb93fd667778a16c68f9ca624cc7706e41de582f7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21718
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: nginx/1.18.0
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-21718, bytes
Expires: Fri, 03 Dec 2021 03:46:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B624 15 KB
16 KB 80ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--r1a.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 80047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B624 16 KB
16 KB 111ms
56ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--r1a.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:58:25 GMT
x-content-type-options: nosniff
age: 413263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 08:58:25 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 0A6D 45 KB
17 KB 53ms
53ms Script
text/javascript 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 87
date: Wed, 03 Nov 2021 03:44:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 03 Nov 2021 05:44:41 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame A94C 7 KB
4 KB 107ms
107ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0a8821fcb1fbf648fbd3b95cc8daedaa0353c1e740812fdcb874e4a577be848c

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 2946
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 02 Nov 2021 21:14:28 GMT
ETag: W/"lounge:view:8859237414.d359aace567b3f2d0f4ae8acaffc7207.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Wed, 03 Nov 2021 03:46:08 GMT
Age: 7
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.load.b8cc22d9c3be6916b2ef7fe9e57839bc.js Show response
c.disquscdn.com/next/embed/ Frame A94C 958 B
1 KB 57ms
20ms Script
application/javascript 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.b8cc22d9c3be6916b2ef7fe9e57839bc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8374fd41dba00c2db7d80888b361ff3cb0291093144ba8387e9ebaf38e7cefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31261
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 496
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-1f0"
content-type: application/javascript; charset=utf-8
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: sQhrbLnTLDe7kn5i7SNi3mIY1_QMee5_nmKoz-I9rbUlQrD3gh208A==
x-cache-hits: 0

POST
H/1.1 200
OK / Show response
xn--r1a.website/v/ Frame B624 4 B
492 B 135ms
134ms XHR
application/json 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/v/

Requested by

Host: tlgr.org
URL: https://tlgr.org/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Accept: */*
Referer: https://xn--r1a.website/s/TheTrueDefender
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=35768000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-store
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 12A0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

62ms
8ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Nov 2021 03:46:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Wed, 03 Nov 2021 03:46:08 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 7299 31 KB
11 KB 81ms
33ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Oct 2021 08:07:40 GMT
Server: AkamaiNetStorage
ETag: "0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10406

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js Show response
c.disquscdn.com/next/embed/ Frame A94C 282 KB
93 KB 22ms
21ms Script
application/javascript 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.b8cc22d9c3be6916b2ef7fe9e57839bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738038
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: v5ghZOLCOk-JGax2ro7dko5gpANK4VbHC0wLxHiFz8Nbzt-BVfMYZA==
x-cache-hits: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 89ms
89ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Wed, 03 Nov 2021 03:46:08 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 22ms
22ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

600873ea1765d20223f233b5aa46ae011a7ac5602aad3fa12d47e795f76245a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d1e1e7cd-0c7f-411e-8258-5892b21b8e78
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
rtb.adpone.com/ 768 B
725 B 38ms
38ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1217251311622&gdpr_applies=false&consentString=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012d6655ff71c3ac8ec1cb10181c397023e07c6330f0e83b94dce9a399322982

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYL%2FYzpvaYlWtYgrfu%2Bhmyc91nNi8NgC2LEkXsYzNR2dLqZQUt9qpH1vcUXn%2F8DYpVtWBBEA6%2F8scyXr%2B%2FvVuI2PpfleVy1OAaRQ4HhFXkBeXHg2xjoeTstpVaVIZom4NNoAqrg%2FeBwzP8Ez"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a829d23cd32d711-FRA

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
309 B 103ms
103ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
36 B 149ms
149ms XHR
text/plain 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a829d23cf190ebb-FRA

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 37ms
36ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 18ms
18ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 18ms
18ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=55666528621
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:07 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 14 KB
6 KB 64ms
64ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 30af6f70ad452e4434de230633f43dde7122fb2e286cfa5367971193f8e43ee0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:07 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b12%3b51
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 32ms
32ms XHR
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a829d23cca66987-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 17ms
17ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Wed, 03 Nov 2021 03:46:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 17ms
16ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

adedc6b523d63c790806cb4a54fd85d1ba4e31e38dd5dcc0d60ed2e666fb6506

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fbbfeb56-abde-4551-8652-b8397479112f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 9724 531 B
811 B 51ms
7ms Document
text/html 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22312825910199852068%22%2c%22adomain%22%3a%22kaspersky.de%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%228036622%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2213088%22%2c%22cid%22%3a%22746345%22%2c%22adid%22%3a%228036622%22%2c%22hash%22%3a%22-4837248904725489415%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage
Content-Length: 531
Date: Wed, 03 Nov 2021 03:46:08 GMT
Connection: keep-alive

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 309C 5 KB
2 KB 76ms
23ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWmprd09UQTFOR0V0TkRkaVpDMDBZek5sTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwNjMzOTUwODM1NjY4Mjg1OTEvODAzNjYyMi81NjM3MjU0LzM5L1FkTjZKNzZubEx6NWE0YVdac2lYZ0MzaHZ6aEJ3b2wzUmNuLV95ZU9jYzQvMS8xMDAwLzAvMC8xMTgzNDc3LzM1ODkyNjM2MTkvMjM0NDk1Lzc0NjM0NS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8xMDQvNDIwODQ5LzAvMC81MDYzMzk1MDgzNTY2ODI4NTkxL3pyaC8wLzIwMDIvMTkvOTk5LzMyMi8yMTMuMjM5LjIwOS4wLzAuMDAwLzE2MzU5MTExNjgvMTYzNTkyMzc2OC8xMDAwLzIwNzkv/AcM6Ib2LvwG3JgErjan9CQXRS_o&nodeid=2990&group=zrh&auctionid=5063395083566828591&shardkey=5063395083566828591&sid=5637254&cid=8036622&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.134.182
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: ae6cb4a31b3412571acc266a1ab4cd481b6493df3a260310dd838db04d2074dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1635911168
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: MMBD/3.207.1
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x70, zrh-bidder-x164
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 309C 43 B
436 B 59ms
18ms Image
image/gif 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=312825910199868378&tmstp=8119318298&ckid=3774753667581010436&pubid=11&systgt=%24qc%3d1314162586%3b%24ql%3dHigh%3b%24qpc%3d90403%3b%24qt%3d25_176_65889t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1273&acd=1635911168257&envtype=0&opid=aeb1d3bf-064d-4d77-be23-4aa2bd0ab11d&opdt=1635911168257&siteid=402008&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fthetruedefender.com%2fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2f&cappid=3774753667581010436&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1366485&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=312825910199852068&rtbh=76148f42c077ed56819f04c93f8353f8874f4d2e&rtblt=637715079682615158&rtbet=0&rtbptnid=25&cftgid=4a7f8d2b332c
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:08 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
c.disquscdn.com/next/embed/styles/ Frame A94C 165 KB
26 KB 9ms
9ms Stylesheet
text/css 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

60c6565dc4af986490c60907f5c62642b3435afee9b6ee2af562becfe62f32aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31260
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26057
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-65c9"
content-type: text/css; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: lgBC6XZVG1zGYn1ZjOTmpydMkYjufEOH8H0sV0XfRCaucW9hH7GE1w==
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 12A0 31 KB
10 KB 11ms
11ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52710
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:38 GMT

GET
H2 200 lounge.bundle.ace98c1ec418cae085455f6914352928.js Show response
c.disquscdn.com/next/embed/ Frame A94C 469 KB
119 KB 10ms
9ms Script
application/javascript 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ace98c1ec418cae085455f6914352928.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ba3e3f22592ee6f8bb60554a0ab8f93d5295790ed1bdb457ccd280aeea784c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31260
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 120848
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-1d810"
content-type: application/javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: zW3VsfQLQGRXVyHI1KY_wuSPz0AzE8e1ZJ8i9XVH7TIZMcbxmgtazQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame A94C 13 KB
14 KB 10ms
9ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 13582
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 12A0 284 B
536 B 75ms
8ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame A94C 3 KB
4 KB 111ms
111ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=thetruedefender-com&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

94b0dd7a061f80bc838b0095bff0280e06b1eef839dc2d5fcd1b0b91c20d5386

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3392
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame CD34
Redirect Chain

https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D23449...
https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D23449...

5 KB
2 KB

50ms
35ms

Document
text/html

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 336cd0661033266d2e2bbfba4a0f9d9d4db13d1fc021ddb0f9d2ceb369e7675e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 03 Nov 2021 03:46:08 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 67837300011156201493465011767012
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1823
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 03 Nov 2021 03:46:08 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 309C 49 B
330 B 67ms
24ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=5063395083566828591&node_id=2990&exch_id=39
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Server: MMBD/3.207.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x39, zrh-bidder-x164
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 309C 43 B
373 B 57ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=5063395083566828591&v3=746345&v4=5637254&v5=8036622&mt_nsync=1&no_attr=1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 309C 49 B
330 B 66ms
23ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=sas&bid=5063395083566828591&st=5637254&time=1635911168&nodeid=2990
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Server: MMBD/3.207.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x23, zrh-bidder-x164
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 5A6D 31 KB
11 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Oct 2021 08:07:40 GMT
Server: AkamaiNetStorage
ETag: "0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10406

GET
H/1.1 200
OK event.js Show response
referrer.disqus.com/juggler/ Frame A94C 40 B
278 B 119ms
99ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://referrer.disqus.com/juggler/event.js?experiment=default&variant=control&page_referrer=https%3A%2F%2Fthetruedefender.com%2F&product=embed&thread=8859237414&thread_id=8859237414&forum=thetruedefender-com&forum_id=7253923&zone=thread&verb=load&object_type=section&object_id=email_subscriptions&section=email_subscriptions&extra_data=%7B%22user_verified%22%3Afalse%2C%22email_subscription_prompt%22%3A%7B%22title%22%3A%22Like+this+article%3F%22%2C%22description_copy%22%3A%22Subscribe+to+thetruedefender.com+to+receive+daily+updates+of+the+latest+articles+delivered+straight+to+your+inbox.%22%2C%22confirmation_copy%22%3A%22Thanks+for+subscribing+to+email+updates+from+thetruedefender.com!+If+you%27d+like+to+unsubscribe%2C+there+will+be+a+link+in+emails+you+receive+from+thetruedefender.com.%22%7D%7D&event=activity&imp=5enhnsicmhn3r&area=n%2Fa

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Content-Type: application/javascript

GET
H2 200 noavatar92.png
a.disquscdn.com/1635794574/images/ Frame A94C 2 KB
2 KB 31ms
7ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1635794574/images/noavatar92.png

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 27993
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
content-length: 1644
x-amz-cf-id: 1nGBqshZ2oSf2-vNNUJ2yEoa8rmhVyQWwJTo9vTakBo64hnSAFBnqQ==
expires: Thu, 02 Dec 2021 19:59:35 GMT

GET
DATA 200
OK truncated
/ Frame A94C 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame A94C 13 KB
13 KB 9ms
9ms Image
image/svg+xml 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 16290507
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: i5kieaw5mQn-QFbTsw05oqwl6y1kSeBQoW_eRdSbGpK43L_YOZNDgQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame A94C 3 KB
3 KB 9ms
9ms Image
image/gif 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 23582881
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: L3Z_7s3ciN8ezcl360VDtMF9krlgr-F_1zWGfD8Kh9ttEwU1c6_XOw==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame A94C 2 KB
2 KB 9ms
9ms Image
image/png 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3571100
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: h7eaUvTIgcZBrzKH2eLEBc75kr-5YwwqrKaN7Vpk_yFpuLG73-venA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame A94C 8 KB
8 KB 10ms
10ms Font
application/octet-stream 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5420870
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Y4oanNLQVLxSAYTZwTVQgD-KbWQEpLeew6-f4Nf2Zpe2ADXttMfRzA==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 9ms
9ms Script
application/javascript 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15682838
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: iOOyaUSFhMOwJ2ePSrUmiGafdUvExQitfM_fN-lNrvMoeob9q3GhwQ==
x-cache-hits: 0

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 955E 531 B
811 B 8ms
7ms Document
text/html 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22302692811038273980%22%2c%22adomain%22%3a%22kaspersky.de%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%228042169%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2213088%22%2c%22cid%22%3a%22746345%22%2c%22adid%22%3a%228042169%22%2c%22hash%22%3a%22-6379556490751253383%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage
Content-Length: 531
Date: Wed, 03 Nov 2021 03:46:08 GMT
Connection: keep-alive

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame AC01 4 KB
2 KB 25ms
25ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWkdOa05HVmlZbUl0TTJVNVl5MHhNR015TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ1MTcwOTA2NDA2NTcwNjI1NS84MDQyMTY5LzU2MzcyNTQvMzkvUWRONko3Nm5sTHo1YTRhV1pzaVhnTEZTYWtUS0NnOE9fZi1sRzk4OGZFQS8xLzEwMDAvMC8wLzExODM0NzcvMzU4OTI2MzYxOS8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzEwNC80MjA4NDkvMC8wLzQ1MTcwOTA2NDA2NTcwNjI1NS96cmgvMC8yMDAyLzE5Lzk5OS8zMjIvMjEzLjIzOS4yMDkuMC8wLjAwMC8xNjM1OTExMTY4LzE2MzU5MjM3NjgvMTAwMC8yMDc5Lw/AXpEtyZPrTDMqiRl6W-wh28P_Qc&nodeid=2991&group=zrh&auctionid=451709064065706255&shardkey=451709064065706255&sid=5637254&cid=8042169&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.138
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 8dbf7b01eb96e3352bcc1e7ac6ee1fc248dab7a0c41cebef4dc2b3a85db9f1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1635911168
Last-Modified: Wed, 03 Nov 2021 03:46:08 GMT
Server: MMBD/3.207.1
x-mm-latency: 2 (2)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x71, zrh-bidder-x165
Connection: close
Expires: Wed, 03 Nov 2021 03:46:07 GMT

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame AC01 43 B
436 B 19ms
19ms Image
image/gif 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=302692811038289139&tmstp=3859515899&ckid=7989106909926187537&pubid=12&systgt=%24qc%3d1314162586%3b%24ql%3dHigh%3b%24qpc%3d90403%3b%24qt%3d25_176_65889t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1273&acd=1635911168617&envtype=0&opid=14677749-781b-4dfc-8a5e-197546cd4d16&opdt=1635911168617&siteid=402008&tgt=%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fthetruedefender.com%2fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2f&cappid=7989106909926187537&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1366485&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=302692811038273980&rtbh=3e721204d80a3b49acbcfaf241a1f15e22e73da8&rtblt=637715079686210399&rtbet=0&rtbptnid=25&cftgid=4a7f8d2b332c
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:08 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 0F30 337 B
838 B 8ms
8ms Stylesheet
text/css 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31259
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: Lyz5ErV3lydZ5XiN-BLJXMfstX5kXusnkyMqsI1eh_5lKKHOfVCyow==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 1B53 337 B
837 B 8ms
8ms Stylesheet
text/css 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31259
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: QrHm7nyUgghx-iUOknlrsYumwni52h3qUDEUIVQzNIm4aVee7WfYJA==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame A94C 43 B
295 B 117ms
102ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=173&event=init_embed&thread=8859237414&forum=thetruedefender-com&forum_id=7253923&imp=5enhnsicmhn3r&thread_slug=johnson_johnson_recipients_35_times_more_likely_to_develop_deadly_blood_clot_in_the_brain&user_type=anon&referrer=https%3A%2F%2Fthetruedefender.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34699%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34699&t_u=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&t_e=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_d=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&t_t=Johnson%20%26%20Johnson%20Recipients%203%2C5%20Times%20More%20Likely%20To%20Develop%20Deadly%20Blood%20Clot%20In%20The%20Brain!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame A94C 13 KB
13 KB 9ms
9ms Image
image/svg+xml 2600:9000:2057:6a00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:6a00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 16290507
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Jy1ESu2ZLB5wc-PclHhDvPlXx4aDpBOLTlHgXCeCs6lr3z9QufQtkw==
x-cache-hits: 0

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
429 B 60ms
17ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=6.4758487301102114
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:09 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 4
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6a829d2699284e86-FRA
x-amz-request-id: C3CJJWGXK1NK66WV
x-amz-id-2: njaiyWPoxaEr03hOL5akXy5LzJ5/pXh3+uihNRDgEXq3INxJJXroxccXttSwiH448w0ZCh/AdQQ=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 60ms
17ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=6.4758487301102114
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:09 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 4
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6a829d26992a4e86-FRA
x-amz-request-id: C3CJJWGXK1NK66WV
x-amz-id-2: njaiyWPoxaEr03hOL5akXy5LzJ5/pXh3+uihNRDgEXq3INxJJXroxccXttSwiH448w0ZCh/AdQQ=

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame CD34 0
150 B 43ms
12ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=67837300011156201493465011767012&a=fc09532a&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 4CE1
Redirect Chain

https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZU...
https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZU...

5 KB
2 KB

43ms
25ms

Document
text/html

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: d062848ac0750e58a19ab884d869c291bb7e13c73d46a83c8432eebf01a35d04

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 03 Nov 2021 03:46:09 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 19405900011156401649445011767012
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1566
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 03 Nov 2021 03:46:09 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame CD34 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame CD34 851 B
1 KB 49ms
8ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 0527 5 KB
2 KB 54ms
42ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=pekt279e4395&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D451709064065706255%26mt_id%3D8042169%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_451709064065706255&random=451709064065706255&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 2845f9d49b679d986fe78483792840b0d90bd8988570d21d0547e706b4f14148

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 03 Nov 2021 03:46:09 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 17640000011156301519519011767012
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1821
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK js Show response
sync.mathtag.com/sync/ Frame AC01 1 KB
987 B 77ms
26ms Script
text/javascript 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWkdOa05HVmlZbUl0TTJVNVl5MHhNR015TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ1MTcwOTA2NDA2NTcwNjI1NS84MDQyMTY5LzU2MzcyNTQvMzkvUWRONko3Nm5sTHo1YTRhV1pzaVhnTEZTYWtUS0NnOE9fZi1sRzk4OGZFQS8xLzEwMDAvMC8wLzExODM0NzcvMzU4OTI2MzYxOS8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzEwNC80MjA4NDkvMC8wLzQ1MTcwOTA2NDA2NTcwNjI1NS96cmgvMC8yMDAyLzE5Lzk5OS8zMjIvMjEzLjIzOS4yMDkuMC8wLjAwMC8xNjM1OTExMTY4LzE2MzU5MjM3NjgvMTAwMC8yMDc5Lw/AXpEtyZPrTDMqiRl6W-wh28P_Qc&nodeid=2991&group=zrh&auctionid=451709064065706255&shardkey=451709064065706255&sid=5637254&cid=8042169&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.138
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master zrh-pixel-x11 config:1.0.0 /
Resource Hash: 1a33fc4d9c68aac94d22d465a20e369746def584c89259397a4274cb1310c83a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Content-Encoding: gzip
Server: MT3 4067 88cc6bf master zrh-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: close
Content-Type: text/javascript
Expires: Wed, 03 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame AC01 43 B
373 B 33ms
33ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=451709064065706255&v3=746345&v4=5637254&v5=8042169&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWkdOa05HVmlZbUl0TTJVNVl5MHhNR015TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ1MTcwOTA2NDA2NTcwNjI1NS84MDQyMTY5LzU2MzcyNTQvMzkvUWRONko3Nm5sTHo1YTRhV1pzaVhnTEZTYWtUS0NnOE9fZi1sRzk4OGZFQS8xLzEwMDAvMC8wLzExODM0NzcvMzU4OTI2MzYxOS8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzEwNC80MjA4NDkvMC8wLzQ1MTcwOTA2NDA2NTcwNjI1NS96cmgvMC8yMDAyLzE5Lzk5OS8zMjIvMjEzLjIzOS4yMDkuMC8wLjAwMC8xNjM1OTExMTY4LzE2MzU5MjM3NjgvMTAwMC8yMDc5Lw/AXpEtyZPrTDMqiRl6W-wh28P_Qc&nodeid=2991&group=zrh&auctionid=451709064065706255&shardkey=451709064065706255&sid=5637254&cid=8042169&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.138
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame AC01 49 B
330 B 26ms
25ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=sas&bid=451709064065706255&st=5637254&time=1635911168&nodeid=2991
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWkdOa05HVmlZbUl0TTJVNVl5MHhNR015TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ1MTcwOTA2NDA2NTcwNjI1NS84MDQyMTY5LzU2MzcyNTQvMzkvUWRONko3Nm5sTHo1YTRhV1pzaVhnTEZTYWtUS0NnOE9fZi1sRzk4OGZFQS8xLzEwMDAvMC8wLzExODM0NzcvMzU4OTI2MzYxOS8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzEwNC80MjA4NDkvMC8wLzQ1MTcwOTA2NDA2NTcwNjI1NS96cmgvMC8yMDAyLzE5Lzk5OS8zMjIvMjEzLjIzOS4yMDkuMC8wLjAwMC8xNjM1OTExMTY4LzE2MzU5MjM3NjgvMTAwMC8yMDc5Lw/AXpEtyZPrTDMqiRl6W-wh28P_Qc&nodeid=2991&group=zrh&auctionid=451709064065706255&shardkey=451709064065706255&sid=5637254&cid=8042169&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.138
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: MMBD/3.207.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x35, zrh-bidder-x165
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 03 Nov 2021 03:46:08 GMT

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame 0527 0
150 B 19ms
7ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=17640000011156301519519011767012&a=1ca236ba&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=pekt279e4395&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D451709064065706255%26mt_id%3D8042169%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_451709064065706255&random=451709064065706255&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame C6BF 5 KB
2 KB 39ms
27ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=17640000011156301519519011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppznadm7ga9swiu%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=pekt279e4395&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D451709064065706255%26mt_id%3D8042169%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_451709064065706255&random=451709064065706255&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: ab4b0790064c3276c82088168c2ef48ed394b14a3f9c35283fd05e6449907220

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/request.php?zone=pekt279e4395&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D451709064065706255%26mt_id%3D8042169%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_451709064065706255&random=451709064065706255&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 03 Nov 2021 03:46:09 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 62593500011156501649441011767012
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1570
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0527 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 0527 851 B
1 KB 39ms
12ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=pekt279e4395&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D451709064065706255%26mt_id%3D8042169%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_451709064065706255&random=451709064065706255&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 76ms
35ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:09 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 04 Nov 2021 03:46:09 GMT

GET
H2

200

evergreen-kis-728x90.jpg
media.kaspersky.com/de/affiliates/ Frame 4CE1
Redirect Chain

https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=19405900011156401649445011767012
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg

62 KB
62 KB

97ms
59ms

Image
image/jpeg

185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1

Protocol

Server

185.85.15.31 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

1eeaa9afd461c6df55ffad40e5b003b9f2303727cc0276e677cf61bf9023284a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:22 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "8ece3b5a61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr2/MSK8
accept-ranges: bytes
content-length: 63391
date: Wed, 03 Nov 2021 03:46:07 GMT

Redirect headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame 4CE1 0
150 B 22ms
10ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=19405900011156401649445011767012&a=5e4adec3&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame AB9E 43 B
705 B 62ms
15ms Document
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=19405900011156401649445011767012

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/

Response headers

Content-Type: image/gif
Content-Length: 43
Expires: 0
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Wed, 03 Nov 2021 03:46:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
DATA 200
OK truncated
/ Frame 4CE1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 4CE1 851 B
1 KB 42ms
13ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK iframe Show response
sync.mathtag.com/sync/ Frame F420 629 B
716 B 86ms
29ms Document
text/html 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/iframe?mt_uuid=a0d46182-0600-4a01-ad13-18ca0c0fc701&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master zrh-pixel-x13 config:1.0.0 /
Resource Hash: 048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Content-Type: text/html
Connection: close
Server: MT3 4067 88cc6bf master zrh-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 03 Nov 2021 03:46:08 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame AC01 43 B
517 B 88ms
25ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master zrh-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:08 GMT

GET
H2

200

evergreen-kts-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame C6BF
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=62593500011156501649441011767012
https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg

48 KB
48 KB

88ms
50ms

Image
image/jpeg

185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=17640000011156301519519011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppznadm7ga9swiu%3Ftprde%3D

Protocol

Server

185.85.15.31 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

d1130cdd4fefa1ae93c7389e23f6fc68200b0e7be18245ab2e153bdfbc003a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:33 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "a3fddd6061a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr2/MSK6
accept-ranges: bytes
content-length: 48846
date: Wed, 03 Nov 2021 03:46:07 GMT

Redirect headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kts-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame C6BF 0
150 B 37ms
7ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=62593500011156501649441011767012&a=0fd78aa9&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=17640000011156301519519011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppznadm7ga9swiu%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 084B 43 B
705 B 26ms
14ms Document
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=62593500011156501649441011767012

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/

Response headers

Content-Type: image/gif
Content-Length: 43
Expires: 0
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Wed, 03 Nov 2021 03:46:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
DATA 200
OK truncated
/ Frame C6BF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame C6BF 851 B
1 KB 47ms
8ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=17640000011156301519519011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppznadm7ga9swiu%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 55ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:09 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 04 Nov 2021 03:46:09 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/misc/ Frame F420 43 B
517 B 24ms
23ms Image
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=a0d46182-0600-4a01-ad13-18ca0c0fc701&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master zrh-pixel-x8 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.mathtag.com/sync/iframe?mt_uuid=a0d46182-0600-4a01-ad13-18ca0c0fc701&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:09 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:08 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EDBD 11 KB
5 KB 71ms
21ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1768
date: Wed, 03 Nov 2021 03:46:09 GMT
content-length: 4685

GET
H2

200

sid Show response
mug.criteo.com/ Frame EDBD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=tSB4H3wwdEd4TWlWOTJhMUhMU1FDYkcrS0swZjBMR09rdmExelYzNHhFRHh5STBMN3A2aXJYZUdFeUp5TmlWNlNkM2QzOEFpSnM5WkltamZqZmlGemxiNzhlbktOc3owbnZ2RyswR0hFc2p1TEhCcjN3bnhFSFhOenZ4QW...

457 B
637 B

66ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tSB4H3wwdEd4TWlWOTJhMUhMU1FDYkcrS0swZjBMR09rdmExelYzNHhFRHh5STBMN3A2aXJYZUdFeUp5TmlWNlNkM2QzOEFpSnM5WkltamZqZmlGemxiNzhlbktOc3owbnZ2RyswR0hFc2p1TEhCcjN3bnhFSFhOenZ4QWc2djlhTUI3UUx3SmxEZjhYWXZ6b0VWdjdRc09BUStWR1lPYnhRY3I4WVkwQWJ0YVpHKzlWcWZFVkZJSjVUMW5HdHBYOS9aTUVmZFp2N3dodWRaaC9kVVJKYnI0NnhvVTZKc3lOSE4zVXhVMDhlWXMvcGtmQjhjOGlrSnpodHlydDZIQnpZUnFjQ2xlclc0OG40bmsvY09PcWptN1dCWloxUDh6SGJqTkdxMThkQXBtMGY2RT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c69d743f01faeaae4d483a43b291a4f5a509c350a89098748ff43072fc67004c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 03 Nov 2021 03:46:08 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2159
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 03 Nov 2021 03:46:09 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=tSB4H3wwdEd4TWlWOTJhMUhMU1FDYkcrS0swZjBMR09rdmExelYzNHhFRHh5STBMN3A2aXJYZUdFeUp5TmlWNlNkM2QzOEFpSnM5WkltamZqZmlGemxiNzhlbktOc3owbnZ2RyswR0hFc2p1TEhCcjN3bnhFSFhOenZ4QWc2djlhTUI3UUx3SmxEZjhYWXZ6b0VWdjdRc09BUStWR1lPYnhRY3I4WVkwQWJ0YVpHKzlWcWZFVkZJSjVUMW5HdHBYOS9aTUVmZFp2N3dodWRaaC9kVVJKYnI0NnhvVTZKc3lOSE4zVXhVMDhlWXMvcGtmQjhjOGlrSnpodHlydDZIQnpZUnFjQ2xlclc0OG40bmsvY09PcWptN1dCWloxUDh6SGJqTkdxMThkQXBtMGY2RT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1877
content-length: 567
expires: 0

POST ping
links.services.disqus.com/api/ 0
0

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 7299 43 B
163 B 82ms
17ms Image
image/gif 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1635911168543&pid=1366485&iid=10104881&cid=0&key=viewcount&rtb=1&rtbbid=312825910199852068&rtbet=0&rtblt=637715079682615158&rtbnid=2079&rtbh=76148f42c077ed56819f04c93f8353f8874f4d2e&ts=1635911168543
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:09 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame CD34 0
150 B 19ms
7ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=67837300011156201493465011767012&a=fc09532a&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=gm26lpqoiccf&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5063395083566828591%26mt_id%3D8036622%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_cid%3Da0d46182-0600-4a01-ad13-18ca0c0fc701%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_5063395083566828591&random=5063395083566828591&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fjohnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad12.ad-srv.net/ Frame 4CE1 0
150 B 19ms
7ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad12.ad-srv.net/viewability?s=19405900011156401649445011767012&a=5e4adec3&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=f4a153452f4afHLgtFPweq9f8DZx6WdL1LHlotdkZWHUJyYvhENXE2oE8yVQFQyb4xZULsuom1Y8ZmEDwncqrk-sugteIsOyY2I2_PAdmscMBsZmmHHv3tk6-9HrqUxFxNtXX_j2p729Eaeri-xWffMA3Am3tWTz5cv8Duo_wbtoGlgxIg2Mnmy5PBu-sWv9465y8CEDNwjXR8wATNr&subid=67837300011156201493465011767012&redirectClick=https%3A%2F%2Fad12.ad-srv.net%2Fc%2Fppgcdmhm2pdlrcc%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:10 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=i9Dw1HxjRkhGaVVhOEtJd285cHYvQ1hVcmgxbHJQQnBPYnBGS3lsQVdmL1UxYVZZa05jTnpsdU04L01zOWxXK0lETk5TeGdXRTJnMFJuL2c4eS8rRlA3MEc3WXJvM1NURGd1VmFod2ZHb0xhVXdiTWdFYjN3c3JJckh2OV...

462 B
689 B

19ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=i9Dw1HxjRkhGaVVhOEtJd285cHYvQ1hVcmgxbHJQQnBPYnBGS3lsQVdmL1UxYVZZa05jTnpsdU04L01zOWxXK0lETk5TeGdXRTJnMFJuL2c4eS8rRlA3MEc3WXJvM1NURGd1VmFod2ZHb0xhVXdiTWdFYjN3c3JJckh2OVZMa1ZrM2xUdWsyNlI4RVhkOE5PaWRTZmkrOGhJelljaERkT21Rc21CV2crdGR1RksxTTViZGM5a0w0bThqZmF1L2pGUnZkUi9QZkdKcFJXbWRFUUZPeXNPTTlQTWIyUWNvTFh3TVF1K1BuR043bUpJMy91VE9wbmxoTjhEOTBMbWJNajRaQmtiVFhoYS9QZkxnWVk0TnBoV3BRTmJjdS81MHJHdzhGakxoSWo1UlBXSnhIcz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

42272bb6b3ae99f0411515ddc63cbf7f54c0be742a2928eb00921061a6f1d8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 03 Nov 2021 03:46:11 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3155
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 03 Nov 2021 03:46:11 GMT
location: https://mug.criteo.com/sid?cpp=i9Dw1HxjRkhGaVVhOEtJd285cHYvQ1hVcmgxbHJQQnBPYnBGS3lsQVdmL1UxYVZZa05jTnpsdU04L01zOWxXK0lETk5TeGdXRTJnMFJuL2c4eS8rRlA3MEc3WXJvM1NURGd1VmFod2ZHb0xhVXdiTWdFYjN3c3JJckh2OVZMa1ZrM2xUdWsyNlI4RVhkOE5PaWRTZmkrOGhJelljaERkT21Rc21CV2crdGR1RksxTTViZGM5a0w0bThqZmF1L2pGUnZkUi9QZkdKcFJXbWRFUUZPeXNPTTlQTWIyUWNvTFh3TVF1K1BuR043bUpJMy91VE9wbmxoTjhEOTBMbWJNajRaQmtiVFhoYS9QZkxnWVk0TnBoV3BRTmJjdS81MHJHdzhGakxoSWo1UlBXSnhIcz18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1705
content-length: 567
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 49ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://thetruedefender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://thetruedefender.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1507
date: Wed, 03 Nov 2021 03:46:11 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8AE4 2 KB
823 B 10ms
10ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635911168223

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 4018 442 B
439 B 34ms
34ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6D81 52 KB
17 KB 36ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 03 Nov 2021 03:46:11 GMT
Age: 81551
X-Served-By: cache-lga21933-LGA, cache-fra19126-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 563952
X-Timer: S1635911171.477269,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7DBC 52 KB
17 KB 34ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 03 Nov 2021 03:46:11 GMT
Age: 81551
X-Served-By: cache-lga21933-LGA, cache-fra19171-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 540284
X-Timer: S1635911171.477294,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 3385 2 KB
823 B 9ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635911168158

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 8B80 1 KB
758 B 36ms
24ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35abf36987-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 4ACB 1 KB
703 B 54ms
43ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35abf26987-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame B504 658 B
837 B 110ms
110ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: f6acf35d1e8cbeab8e47c576dd76e1c0d50a522e01f38c24ec0a980059bed358

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame FDBC 442 B
348 B 37ms
36ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C7BE 52 KB
17 KB 33ms
11ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 03 Nov 2021 03:46:11 GMT
Age: 81551
X-Served-By: cache-lga21933-LGA, cache-fra19165-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 562253
X-Timer: S1635911171.477505,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5F2D 52 KB
17 KB 30ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 03 Nov 2021 03:46:11 GMT
Age: 81551
X-Served-By: cache-lga21933-LGA, cache-fra19134-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 564453
X-Timer: S1635911171.477478,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 9737 658 B
837 B 104ms
104ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 1f6075c07d91f0490ee52a0fe5e9bc6c6ce8064b52d7345362c7b16a7ab19144

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 21ED 658 B
837 B 102ms
102ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 26dba57dc61a6db40c16c6db92c90f267b77a8ba5b458a605a0d3e00bfaf0b6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 183E 658 B
837 B 103ms
102ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 983eee41d6f692856be539a5bd9796b4438b7daa7fc51b4b29926174434816db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 68C9 442 B
348 B 35ms
35ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 7FA7 3 KB
808 B 143ms
133ms Document
text/html 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba745993d99450e69ae86baf024e8117e1811a931d8d9c08b1eeaffa39ad027

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35a9dd0ebb-FRA
content-encoding: gzip

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame A21E 1 KB
703 B 29ms
26ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35abf06987-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame C476 0
159 B 103ms
101ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 0D3F 3 KB
801 B 141ms
134ms Document
text/html 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff55f81c3b7d4ec7f0ff201f16d742ab5c9ceb8b43adc0b4fbd9090119e19216

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35a9db0ebb-FRA
content-encoding: gzip

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame FF52 3 KB
933 B 133ms
127ms Document
text/html 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be752cabf1a0d29c7d289aa07ac73ccdbc11181d860a47c649351d3a1a959a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35a9d90ebb-FRA
content-encoding: gzip

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9C46 2 KB
823 B 10ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635911168159

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 1B82 3 KB
809 B 144ms
140ms Document
text/html 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1e043677b4cd7b01fd97876fd219441e856eed474498e034f5b412739fabf5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35a9de0ebb-FRA
content-encoding: gzip

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 1597 442 B
348 B 36ms
34ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BA65 52 KB
17 KB 24ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 03 Nov 2021 03:46:11 GMT
Age: 81551
X-Served-By: cache-lga21933-LGA, cache-fra19158-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 559972
X-Timer: S1635911171.484434,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 9298 442 B
348 B 35ms
35ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 2FCD 1 KB
703 B 42ms
41ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35ac006987-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 7485 3 KB
803 B 130ms
130ms Document
text/html 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de84011a19eadec27aa6f17f948ab24b3db073324bbd04f8550d7a08bd94fd5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35a9df0ebb-FRA
content-encoding: gzip

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame EDDE 1 KB
712 B 25ms
24ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d35ac016987-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=64c6a6a1-eaaa-47cd-8d72-c53acfc05f6a&gdpr=0&gdpr_consent=

43 B
425 B

48ms
16ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=64c6a6a1-eaaa-47cd-8d72-c53acfc05f6a&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:10 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: Kestrel
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=64c6a6a1-eaaa-47cd-8d72-c53acfc05f6a&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2354027
content-length: 0
expires: Wed, 03 Nov 2021 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 10ms
9ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
https://x.bidswitch.net/sync?dsp_id=59&user_id=6c569f8d-0859-49d0-a71b-7d9d40020aa4&ssp=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&gdpr_consent=

43 B
163 B

17ms
16ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

Location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&gdpr_consent=
Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=0&gdpr_consent=

43 B
425 B

73ms
17ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 03 Nov 2021 03:46:10 GMT

GET
H2 204 get_user_agent_id
cookie-matching.mediarithmics.com/v1/ 0
85 B 64ms
17ms Image
text/plain 54.37.103.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.37.103.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ip83.ip-54-37-103.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=90032D93-FE52-40CB-9010-4C37E2893EE9&gdpr=0&gdpr_consent=

43 B
465 B

17ms
16ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=90032D93-FE52-40CB-9010-4C37E2893EE9&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:10 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=90032D93-FE52-40CB-9010-4C37E2893EE9&gdpr=0&gdpr_consent=
date: Wed, 03 Nov 2021 03:46:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 50ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1270
date: Wed, 03 Nov 2021 03:46:10 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 4018 103 KB
27 KB 154ms
57ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7DBC 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ce2c0528-89a8-4872-bef1-25ce51b30d97
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6D81 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 32a0af63-2db3-489a-8a97-1cbdcff4b8f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F2D 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 980df7ef-9c2a-4ee0-b84f-916a6211ff75
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C7BE 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f678fe90-9856-4dc5-996a-f07e3c4d55fe
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame FDBC 103 KB
27 KB 134ms
67ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BA65 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 80a07d2f-7256-4f44-98a1-f2daa0f83a08
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 68C9 103 KB
27 KB 126ms
67ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 1597 103 KB
27 KB 122ms
68ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 9298 103 KB
27 KB 121ms
68ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

match
ads.betweendigital.com/ Frame 21ED
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=265ee97f-3add-4428-924a-75bc3383eb4c&user_group=1&ssp=between&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

103ms
103ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 21ED
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

68 B
607 B

106ms
105ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 21ED
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJLdQ8WBHshuAAJZDAZHw*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

68 B
607 B

160ms
159ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 21ED
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5

68 B
607 B

104ms
100ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 183E
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

104ms
104ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 183E
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

68 B
607 B

105ms
105ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 183E
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5

68 B
607 B

104ms
104ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 183E
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJEHQ8WBHspukAJZDIJDc*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

68 B
607 B

102ms
101ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 9737
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&ssp=between&expires=30&user_group=1
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

102ms
102ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 9737
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

68 B
607 B

106ms
105ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 9737
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5

68 B
607 B

105ms
104ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8ec93e25daa36bf8d849c7b5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 9737
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJGLI8WBHspukAJZDIJDc*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

68 B
607 B

160ms
159ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame B504
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&ssp=between&expires=30&user_group=1
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

102ms
102ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame B504
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg

68 B
607 B

106ms
103ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uqiPltNHDkN.AikABlF84-d-tg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame B504
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0Nw**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiDjIiMBlIFvp7KygpiJGRhNmY3YmU0LWI2ZTktNTMzMy04YThiLWVhNDdlYjA5ZWM0N6IBEJZJM5w8WBHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiDjIiMBmIkZGE2ZjdiZTQtYjZlOS01MzMzLThhOGItZWE0N2ViMDllYzQ3ogEQlkkznDxYEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437

68 B
607 B

161ms
160ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=9649339c-3c58-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame B504
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=399b4bfc667d1126e6df7600

68 B
607 B

108ms
104ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=399b4bfc667d1126e6df7600
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=399b4bfc667d1126e6df7600
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 4B59 0
0 30ms
20ms Document
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a829d36dd786987-FRA

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 0533 4 KB
1 KB 134ms
6ms Document
text/html 151.236.71.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=652327
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 1B25 4 KB
1 KB 133ms
7ms Document
text/html 151.236.71.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=238284
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame F58E 4 KB
1 KB 132ms
7ms Document
text/html 151.236.71.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=289057
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 2065 4 KB
1 KB 130ms
8ms Document
text/html 151.236.71.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=862531
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Wed, 03 Nov 2021 03:46:11 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d686e347-4b2c-426e-9e9d-dbda72a16aa4

43 B
95 B

127ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d686e347-4b2c-426e-9e9d-dbda72a16aa4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d375aed0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d686e347-4b2c-426e-9e9d-dbda72a16aa4
date: Wed, 03 Nov 2021 03:46:11 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9b16581e-c1c6-47e1-a292-e9b5faa208a0

43 B
118 B

124ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9b16581e-c1c6-47e1-a292-e9b5faa208a0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d384b6f0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9b16581e-c1c6-47e1-a292-e9b5faa208a0
date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d36faa60ebb-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

43 B
95 B

130ms
129ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d372ad00ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 582c315d-4e42-485e-951b-5f4dee1e08ab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

43 B
106 B

125ms
124ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d372acf0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9cf33ee9-aa7f-498e-97cd-ba871a3b46f4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame FF52 0
478 B 86ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

43 B
95 B

122ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d382b630ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

43 B
95 B

129ms
129ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d37fb3b0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame FF52 43 B
308 B 282ms
91ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame FF52
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

12ms
11ms

Image
image/gif

51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Wed, 03 Nov 2021 03:46:10 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=31540850ef06b4fe6caaf84d

43 B
95 B

125ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=31540850ef06b4fe6caaf84d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d388b9f0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=31540850ef06b4fe6caaf84d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame FF52
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5466103988
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5466103988
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

43 B
95 B

123ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d38fbd10ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
date: Wed, 03 Nov 2021 03:46:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1be47b1eb3834e1784e22d44e9f6c806003
content-type: text/html

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 7485
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

11ms
11ms

Image
image/gif

51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Wed, 03 Nov 2021 03:46:10 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

43 B
95 B

235ms
233ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d372acc0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 134423a7-ba0c-49e1-b320-005d10d3eaa5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame 7485 43 B
308 B 277ms
92ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2628785524
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2628785524
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

43 B
95 B

124ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d38ebd00ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
date: Wed, 03 Nov 2021 03:46:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1be47b1eb3834e1784e22d44e9f6c806003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5

43 B
95 B

234ms
234ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d38cbbc0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3c5fe110-f5c0-4f86-b51c-d43b00563015

43 B
118 B

129ms
129ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3c5fe110-f5c0-4f86-b51c-d43b00563015
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d384b750ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=3c5fe110-f5c0-4f86-b51c-d43b00563015
date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d370ab80ebb-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=de314e22-4a6f-41e0-b3a3-df1502b4a7b3

43 B
95 B

135ms
130ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=de314e22-4a6f-41e0-b3a3-df1502b4a7b3
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d375af10ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=de314e22-4a6f-41e0-b3a3-df1502b4a7b3
date: Wed, 03 Nov 2021 03:46:11 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

43 B
95 B

132ms
130ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d376af80ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2ccc28e2-ee6f-4699-b41a-c0f855a670f1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 7485 0
478 B 83ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

43 B
95 B

128ms
127ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d382b600ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7485
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

43 B
95 B

124ms
124ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d37db2f0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

43 B
95 B

126ms
125ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d372acd0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 572bf5ea-2cfa-4379-9da9-6e4f87b063b0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame 7FA7 43 B
309 B 286ms
89ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

43 B
95 B

132ms
132ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d37fb3c0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 7FA7
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

12ms
11ms

Image
image/gif

51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Wed, 03 Nov 2021 03:46:10 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2077439760
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2077439760
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

43 B
95 B

123ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d38fbd40ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
date: Wed, 03 Nov 2021 03:46:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1be47b1eb3834e1784e22d44e9f6c806003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5

43 B
95 B

241ms
238ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d38abb00ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=768af712-be89-4b72-847e-2aadfc7f28f6

43 B
95 B

145ms
140ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=768af712-be89-4b72-847e-2aadfc7f28f6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d375af00ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=768af712-be89-4b72-847e-2aadfc7f28f6
date: Wed, 03 Nov 2021 03:46:11 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b8fcc097-6109-41eb-93bc-58a0747aef56

43 B
95 B

124ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b8fcc097-6109-41eb-93bc-58a0747aef56
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d386b860ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b8fcc097-6109-41eb-93bc-58a0747aef56
date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d371ac40ebb-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

43 B
95 B

240ms
237ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d376af50ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 16b1151a-1f68-4b26-85fd-015aca7a2e19
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 7FA7 0
474 B 78ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 7FA7
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

43 B
95 B

240ms
237ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d383b690ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=358498991
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=358498991
https://sync.1rx.io/usersync/tradedesk/195e9dfb-2c2c-4485-8b75-e287ef88d502
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-1be47b1e-b383-4e17-84e2-2d44e9f...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

43 B
95 B

123ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d38fbd50ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
date: Wed, 03 Nov 2021 03:46:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1be47b1eb3834e1784e22d44e9f6c806003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=399b4bfc667d1126e6df7600

43 B
95 B

233ms
232ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=399b4bfc667d1126e6df7600
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d387b990ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=399b4bfc667d1126e6df7600
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2cf1719a-1c27-4447-9b27-28e9c08d1146

43 B
95 B

128ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2cf1719a-1c27-4447-9b27-28e9c08d1146
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d375aef0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2cf1719a-1c27-4447-9b27-28e9c08d1146
date: Wed, 03 Nov 2021 03:46:11 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a4f082ae-77c9-4897-98ff-93cd42f966c9

43 B
95 B

140ms
134ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a4f082ae-77c9-4897-98ff-93cd42f966c9
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d387b910ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a4f082ae-77c9-4897-98ff-93cd42f966c9
date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d371ac70ebb-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

43 B
95 B

124ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d376af90ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: eae61315-135e-40fd-90f8-043ef6d50bfb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

43 B
95 B

125ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d376af70ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8ccaa862-197b-42da-a8f0-79c52ae52fd4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 0D3F 0
478 B 77ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

43 B
95 B

124ms
124ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d382b5b0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0D3F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

43 B
95 B

237ms
237ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d37fb3e0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 0D3F 43 B
308 B 271ms
99ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 0D3F 43 B
1 KB 9ms
8ms Image
image/gif 51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1B82
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2a1ad275-3971-4c53-b55a-cc59fb1f5fa7

43 B
95 B

129ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2a1ad275-3971-4c53-b55a-cc59fb1f5fa7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d375aec0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2a1ad275-3971-4c53-b55a-cc59fb1f5fa7
date: Wed, 03 Nov 2021 03:46:11 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1B82
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89052446-609e-4782-bd30-cc08b186aee7

43 B
95 B

235ms
234ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89052446-609e-4782-bd30-cc08b186aee7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d383b6e0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=89052446-609e-4782-bd30-cc08b186aee7
date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d36faa50ebb-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1B82
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042

43 B
95 B

129ms
127ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d376afa0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 857a8743-1722-495f-83ed-ce1e9a14f143
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1B82
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042

43 B
95 B

242ms
241ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d376afb0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 10967f1e-721e-4e10-9ce7-6602c0f1564d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2331693702225386042
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 1B82 0
474 B 72ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1B82
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0

43 B
95 B

123ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d382b5f0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP9641dd08-3c58-11ec-8648-0226963cdaa0
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1B82
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A

43 B
95 B

123ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d37fb3d0ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KcubbqJE2uFdmfkbV8blwfS7gJH4bckzTLDvA_0-~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 1B82 43 B
308 B 258ms
91ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 1B82
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

12ms
11ms

Image
image/gif

51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Wed, 03 Nov 2021 03:46:10 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
sync.targeting.unrulymedia.com/csync/ Frame 1B82
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674008926
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674008926
https://sync.1rx.io/usersync/tradedesk/2ea3f58f-3d91-49d2-a245-d0a8bd55c98f
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

43 B
395 B

13ms
13ms

Image
image/gif

213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 1B82
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5

43 B
95 B

123ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d384b700ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8ec93e25daa36bf8d849c7b5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 51C0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

68ms
65ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cfb56bcd86fcdb627e80e25530b6b2dbbc73edb89112430f4b76056573f76cb5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|188|57|40|47
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1611
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 71C7 43 B
551 B 73ms
15ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D688 14 KB
5 KB 51ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=67723
expires: Wed, 03 Nov 2021 22:34:54 GMT
date: Wed, 03 Nov 2021 03:46:11 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B806 2 KB
823 B 14ms
5ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 32BB 2 KB
823 B 18ms
10ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame FDD2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

25ms
21ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ebdac9ced834c380be11188dfde264ceb2c23b9ad5295a9f0e8aa65bcf3bd152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|45|39|51|196|73|221
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1631
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame DDB2 43 B
555 B 67ms
15ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A115 14 KB
5 KB 46ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=67723
expires: Wed, 03 Nov 2021 22:34:54 GMT
date: Wed, 03 Nov 2021 03:46:11 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame A654
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

26ms
23ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2302d34764f7b806279f7b09e73229998032e53633d6eea718e5a1cd134f3fba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|88|64|176|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1622
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A07B 2 KB
823 B 17ms
7ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 3CE2 43 B
551 B 63ms
17ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DEE0 14 KB
5 KB 41ms
12ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=67723
expires: Wed, 03 Nov 2021 22:34:54 GMT
date: Wed, 03 Nov 2021 03:46:11 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8C36
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

44ms
43ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d18e23de780fbbf862588615348da839634bd712c4a43690735d786c4807fb93

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|196|221|5|195
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1687
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 9890 43 B
551 B 60ms
17ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0675 14 KB
5 KB 39ms
16ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=67723
expires: Wed, 03 Nov 2021 22:34:54 GMT
date: Wed, 03 Nov 2021 03:46:11 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0FA5 2 KB
823 B 14ms
7ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 0C95
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

23ms
22ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cb5354eaf3338ea8948bdd5f4560f645ab1d47ad802fb0dc4968698f8ae8774c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|10|3|46|73
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1720
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame B165 43 B
551 B 58ms
17ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B134 14 KB
5 KB 34ms
14ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=67723
expires: Wed, 03 Nov 2021 22:34:54 GMT
date: Wed, 03 Nov 2021 03:46:11 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9D49 2 KB
823 B 13ms
8ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D688 0
39 B 13ms
12ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3091954&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:10 GMT
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FDD2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

43 B
645 B

107ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RGZA5B6SRR9KK24G329M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YENWT98JZKPGAVR155QM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame FDD2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPL7v_jntjUOFtixJ2Tm9CI&google_cver=1

43 B
315 B

14ms
10ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPL7v_jntjUOFtixJ2Tm9CI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPL7v_jntjUOFtixJ2Tm9CI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FDD2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA28sCyk6iyHSo14rqXxuzY&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

28ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA28sCyk6iyHSo14rqXxuzY&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:12 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA28sCyk6iyHSo14rqXxuzY&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame FDD2 70 B
264 B 36ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame FDD2 43 B
220 B 11ms
8ms Image
image/gif 18.196.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FDD2
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FDD2 43 B
873 B 118ms
35ms Image
image/gif 2a05:d018:d29:3605:6798:75ff:a274:9693
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6798:75ff:a274:9693 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame FDD2
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1

49 B
740 B

41ms
41ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.9
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.15.236
content-length: 0
expires: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame FDD2 43 B
95 B 249ms
242ms Image
image/gif 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d387b920ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 0C95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJw-p7rJuwTSO9NCfmqQDZo&google_cver=1

43 B
315 B

13ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJw-p7rJuwTSO9NCfmqQDZo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJw-p7rJuwTSO9NCfmqQDZo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0C95
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

43 B
645 B

107ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y2V5S73DZCR0R1YMC93K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JVNKVKX4BNRVG4NXB99X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0C95 70 B
264 B 36ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0C95
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPmgohzZdR7PPe1hHr22vqI&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

16ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPmgohzZdR7PPe1hHr22vqI&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPmgohzZdR7PPe1hHr22vqI&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0C95
Redirect Chain

https://ums.acuityplatform.com/tum?umid=8
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=619325531603

43 B
1 KB

17ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=619325531603
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=619325531603

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0C95
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=1&gdpr_consent=

43 B
1 KB

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a0d46182-0600-4a01-ad13-18ca0c0fc701&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 03 Nov 2021 03:46:10 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 0C95 0
0 43ms
12ms Image
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0C95 43 B
872 B 118ms
36ms Image
image/gif 2a05:d018:d29:3605:6798:75ff:a274:9693
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6798:75ff:a274:9693 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 setuid
sync.quantumdex.io/ Frame 0C95 43 B
95 B 134ms
128ms Image
image/gif 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d387b930ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A654 70 B
264 B 33ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A654
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDiW5rxYiKo4mge4I3IyjIE&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

18ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDiW5rxYiKo4mge4I3IyjIE&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDiW5rxYiKo4mge4I3IyjIE&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A654
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

43 B
645 B

103ms
103ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4CDR1N9VQBVWERWYTDTE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1BRNGCT2TZ6PFJ9ND9GE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A654
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG57ni-abjxNMxc72t7TPJ4&google_cver=1

43 B
315 B

11ms
10ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG57ni-abjxNMxc72t7TPJ4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEG57ni-abjxNMxc72t7TPJ4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A654
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YYIGAwABrEZjrgAz
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYIGAwABrEZjrgAz&gdpr=1&_test=YYIGAwABrEZjrgAz

43 B
1 KB

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYIGAwABrEZjrgAz&gdpr=1&_test=YYIGAwABrEZjrgAz
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:12 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635911172.043539,VS0,VE0
x-served-by: cache-fra19172-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYIGAwABrEZjrgAz&gdpr=1&_test=YYIGAwABrEZjrgAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A654
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638503171

43 B
1 KB

28ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638503171
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:12 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638503171
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame A654 0
44 B 298ms
96ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:11 GMT
content-length: 0
server: b

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame A654 43 B
430 B 143ms
32ms Image
image/gif 52.16.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-214-249.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame A654 43 B
95 B 129ms
124ms Image
image/gif 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d387b950ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8C36
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXbNztSsqcicLTqrNCcfU4&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

15ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXbNztSsqcicLTqrNCcfU4&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJXbNztSsqcicLTqrNCcfU4&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8C36 70 B
264 B 33ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 8C36
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELBFZFUfBASUb6WytOWOgIY&google_cver=1

43 B
315 B

15ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELBFZFUfBASUb6WytOWOgIY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELBFZFUfBASUb6WytOWOgIY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8C36
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

43 B
645 B

102ms
102ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N5RXB6Y66DK1TXR5T7P4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KSQ2XVVZWJJDC6K6CPR4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8C36
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

11ms
10ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

date: Wed, 03 Nov 2021 03:46:11 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 8C36
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1

49 B
265 B

66ms
65ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.179
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYIGA6fct9dv-hZsj.eYMwAA%261137?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.31.202
content-length: 0
expires: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 8C36 0
0 50ms
15ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8C36
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b86979b0-d53e-4712-84e3-a7c909dd17a1

43 B
1 KB

60ms
59ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b86979b0-d53e-4712-84e3-a7c909dd17a1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:12 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-b86979b0-d53e-4712-84e3-a7c909dd17a1
date: Wed, 03 Nov 2021 03:46:12 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 8C36 43 B
106 B 132ms
129ms Image
image/gif 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d387b960ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 51C0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

43 B
645 B

99ms
98ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D1C0ZYJN6YGQYVRRJE94
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YMSKYGYM3XAMFNTVEJ6P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 51C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEols2mta483JJEONNVaGlI&google_cver=1

43 B
315 B

15ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEols2mta483JJEONNVaGlI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEols2mta483JJEONNVaGlI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 51C0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYIGA6fct9dv-hZsj.eYMwAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YYIGA6fct9dv-hZsj.eYMwAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhGkXEFpA0iCme8SROw44U&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

16ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhGkXEFpA0iCme8SROw44U&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhGkXEFpA0iCme8SROw44U&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 51C0 70 B
264 B 34ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 51C0 0
88 B 422ms
105ms Image
text/plain 35.171.36.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.36.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-36-131.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 51C0
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322320168610885

43 B
1 KB

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322320168610885
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:12 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322320168610885
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 51C0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7ie83YZF1MI7e35&gdpr=1

43 B
1 KB

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7ie83YZF1MI7e35&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:11 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:11 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=7ie83YZF1MI7e35&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 51C0 43 B
95 B 128ms
128ms Image
image/gif 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYIGA6fct9dv_hZsj-eYMwAABHEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a829d387b970ebb-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 08C2
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

104ms
104ms

Document
text/html

18.213.10.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-10-151.compute-1.amazonaws.com
Software: /
Resource Hash: ad7876e3f3c6357a857e57c26cb1710a6c1dee5d83b3bc3dc9888aa44d6073f3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Wed, 03 Nov 2021 03:46:12 GMT
pragma: no-cache

Redirect headers

date: Wed, 03 Nov 2021 03:46:12 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1

GET
H2

200

match
ads.betweendigital.com/ Frame 0533
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://x.bidswitch.net/sync?dsp_id=4&user_id=a3fe6e0a-237a-45fc-bfe9-9208b1e6ec2e&ssp=between&expires=30&user_group=5&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

101ms
101ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 1B25
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://x.bidswitch.net/sync?dsp_id=4&user_id=a3fe6e0a-237a-45fc-bfe9-9208b1e6ec2e&ssp=between&expires=30&user_group=5&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

101ms
101ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame F58E
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%...
https://x.bidswitch.net/sync?dsp_id=354&user_id=6d27e31dd80b4d5db6467179f4b79e3a&ssp=between&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&gdpr_pd=&expires=7
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

104ms
101ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 2065
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%...
https://x.bidswitch.net/sync?dsp_id=354&user_id=e713cc1c095b4191b99db22b2f53e2c6&ssp=between&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&gdpr_pd=&expires=7
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc

68 B
607 B

104ms
100ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b10b8095-2f9d-4772-990b-4ec77958b6dc
Date: Wed, 03 Nov 2021 03:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame 2065
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

43 B
516 B

40ms
7ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame F58E
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

43 B
516 B

39ms
7ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame 1B25
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

43 B
516 B

39ms
7ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame 0533
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=9649339c-3c58-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=cG7O1idMUnVNMvi5Fds2gA&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1

43 B
516 B

40ms
7ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=cG7O1idMUnVNMvi5Fds2gA&extra2=aidata&google_gid=CAESEGzD_neiZUHzUANnqk_3Lkc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 08C2 43 B
1 KB 15ms
14ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=daed8e0b-0879-43f4-942a-f9e1ea895717&expiration=1643859972
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 03 Nov 2021 03:46:12 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C40A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

8ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=289057
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7677
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

8ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=238284
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4AC2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

7ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=652327
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1D7E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

13ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=862531
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 03 Nov 2021 03:46:12 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C40A 31 KB
10 KB 19ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:38 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7677 31 KB
10 KB 18ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:38 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4AC2 31 KB
10 KB 14ms
9ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:38 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1D7E 31 KB
10 KB 9ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:38 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7677 284 B
536 B 8ms
7ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C40A 284 B
536 B 17ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4AC2 284 B
536 B 25ms
11ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1D7E 284 B
536 B 35ms
13ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2

200

238284
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 1B25
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/238284
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/238284

43 B
297 B

43ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/238284
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/238284
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

289057
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame F58E
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/289057
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/289057

43 B
297 B

43ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/289057
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/289057
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

652327
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 0533
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/652327
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/652327

43 B
297 B

43ms
43ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/652327
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/652327
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

862531
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 2065
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/862531
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/862531

43 B
297 B

43ms
43ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/862531
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/862531
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7DBC 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 59502032-20f0-479f-bc65-dcb441be8ae2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6D81 0
731 B 13ms
13ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2cfb4b24-8eb7-432c-af62-44bb65ccdd2d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F2D 0
731 B 24ms
24ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 68f54359-855c-4f66-ad3a-365824946c67
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C7BE 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f3e05909-78c4-44c0-b6fa-97a9b0da6419
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BA65 0
731 B 13ms
12ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c8484cb5-b879-4b99-9878-803908fc2682
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bswsync
crb.kargo.com/api/v1/ Frame 1B25
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=b10b8095-2f9d-4772-990b-4ec77958b6dc&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

43 B
360 B

54ms
9ms

Image
image/gif

3.127.192.192

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=b10b8095-2f9d-4772-990b-4ec77958b6dc&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 3.127.192.192 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Nov 2021 03:46:12 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=b10b8095-2f9d-4772-990b-4ec77958b6dc&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Date: Wed, 03 Nov 2021 03:46:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
sync.targeting.unrulymedia.com/csync/ Frame F58E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60
https://sync.1rx.io/usersync/bidswitch/b10b8095-2f9d-4772-990b-4ec77958b6dc?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003

43 B
395 B

13ms
13ms

Image
image/gif

213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
Protocol: H2
Server: 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:46:12 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003
pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET

/
ssc-cms.33across.com/ps/ Frame 0533
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60
https://matching.kubient.net/match/bidswitch?id=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&usp=
https://matching.kubient.net/match/bidswitch?id=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&usp=&chk=1
https://x.bidswitch.net/sync?ssp=fidelity&user_id=ZTFkMDA4MjA4MGU4MGEw&gdpr=&gdpr_consent=&us_privacy=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=fidelity&bsw_custom_parameter=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk4ce7e41b-86f6-49c7-8e6d-54a1fb38c021&expires=7&user_group=5&ssp=fidelity&bsw_param=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://matching.kubient.net/match/bidswitch?id=b10b8095-2f9d-4772-990b-4ec77958b6dc&gdpr=&consent=&usp=
https://kssp.kbntx.ch/sync?from=kdmp&user=ZTFkMDA4MjA4MGU4MGEw&consent=&gdpr=&redirect=https%3A%2F%2Fmatching.kubient.net%2Fmatch%2Fbvid3kevgpikn2gm1d80%3Fconsent%3D%2524%257BGDPR_CONSENT%257D%26gd...
https://matching.kubient.net/match/bvid3kevgpikn2gm1d80?consent=%24%7BGDPR_CONSENT%7D&gdpr=%24%7BGDPR%7D&fp=3009134447
https://ssc-cms.33across.com/ps/?ri=0010b000018ldWcAAI&ru=https%3A%2F%2Fmatching.kubient.net%2Fmatch%2F33across%3Fid%3D33XUSERID33X%26fp%3D1860323048%26x%3D

0
0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2065
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&expires=60
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=b10b8095-2f9d-4772-990b-4ec77958b6dc
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=b10b8095-2f9d-4772-990b-4ec77958b6dc&__user_check__=1&sync_id=96df6058-3c58-11ec-b4f1-1cf699440306

43 B
549 B

24ms
23ms

Image
image/gif

185.94.180.126

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7310&uid=b10b8095-2f9d-4772-990b-4ec77958b6dc&__user_check__=1&sync_id=96df6058-3c58-11ec-b4f1-1cf699440306
Protocol: HTTP/1.1
Server: 185.94.180.126 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 101
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 03 Nov 2021 03:46:12 GMT
Server: nginx
Location: /partner?adv_id=7310&uid=b10b8095-2f9d-4772-990b-4ec77958b6dc&__user_check__=1&sync_id=96df6058-3c58-11ec-b4f1-1cf699440306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 76
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7F38 2 KB
823 B 9ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=289057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 457B 2 KB
823 B 9ms
8ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=238284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
an.yandex.ru/mapuid/betweendigitalis/ Frame F58E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fda6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47?redir-setuniq=1

43 B
180 B

45ms
45ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47?redir-setuniq=1

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 03:46:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 03 Nov 2021 03:46:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:12 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 03:46:12 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 03 Nov 2021 03:46:12 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E7B0 2 KB
823 B 10ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=862531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
an.yandex.ru/mapuid/betweendigitalis/ Frame 1B25
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fda6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47

43 B
80 B

45ms
45ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 03:46:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 03 Nov 2021 03:46:13 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
an.yandex.ru/mapuid/betweendigitalis/ Frame 2065
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fda6f7be4-b6e9-5333-8a8b-ea47eb09ec47
https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47

43 B
80 B

46ms
45ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 03:46:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 03 Nov 2021 03:46:13 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame F58E 0
410 B 58ms
18ms Image
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:13 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
t.adx.opera.com/ Frame 1B25 0
409 B 15ms
15ms Image
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=238284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:13 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
t.adx.opera.com/ Frame 2065 0
321 B 20ms
20ms Image
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=da6f7be4-b6e9-5333-8a8b-ea47eb09ec47&CACHEBUSTER=862531
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 03:46:13 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: links.services.disqus.com
URL: https://links.services.disqus.com/api/ping

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?ri=0010b000018ldWcAAI&ru=https%3A%2F%2Fmatching.kubient.net%2Fmatch%2F33across%3Fid%3D33XUSERID33X%26fp%3D1860323048%26x%3D

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thetruedefender.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bdcd39720050d58792514b0c88f2b105
.thetruedefender.com/	1970-01-20 15:56:23	Name: _ga Value: GA1.2.482854627.1635911168
.thetruedefender.com/	1970-01-19 22:26:37	Name: _gid Value: GA1.2.968910877.1635911168
.thetruedefender.com/	1970-01-19 22:25:11	Name: _gat_gtag_UA_186892928_1 Value: 1
thetruedefender.com/	1970-01-19 23:08:23	Name: _pbjs_userid_consent_data Value: 6683316680106290
.adnxs.com/	1970-01-20 00:34:47	Name: uuid2 Value: 2331693702225386042
.smartadserver.com/	1970-01-20 07:53:59	Name: pbw Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 402008=4648546
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 07:53:59	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-19 22:26:37	Name: sasd Value: %24qc%3D1314162586%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0
.smartadserver.com/	1970-01-19 22:26:37	Name: sasd2 Value: q=%24qc%3D1314162586%3B%24ql%3DHigh%3B%24qpc%3D90403%3B%24qt%3D25_176_65889t%3B%24dma%3D0&c=1&l=-224065245&lo=590525346&lt=637715115682602735&o=1
.betweendigital.com/	1970-01-20 07:10:47	Name: dc Value: was1
.betweendigital.com/	1970-01-20 07:10:47	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:10:47	Name: unm Value: 1
.betweendigital.com/	1970-01-20 07:10:47	Name: tuuid Value: da6f7be4-b6e9-5333-8a8b-ea47eb09ec47
.quantumdex.io/	1970-01-19 22:54:02	Name: uid Value: 4af3acb0-fc62-4e94-9785-d0ac321fca02
.adnxs.com/	1970-01-20 00:34:47	Name: icu Value: ChgIm7tdEAoYBCAEKAQwgIyIjAY4BEAESAQQgIyIjAYYAw..
xn--r1a.website/	1970-01-19 22:26:37	Name: stel_ssid Value: 1284af28943bc9313f_13648067118257143419
.smartadserver.com/	1970-01-20 07:53:59	Name: pid Value: 7989106909926187537
.smartadserver.com/	1970-01-20 07:53:59	Name: pdomid Value: 12
.smartadserver.com/	1970-01-19 23:08:23	Name: Trk0 Value: Value=1366485&Creation=03%2f11%2f2021+04%3a46%3a08
.mathtag.com/	1970-01-20 07:10:47	Name: uuid Value: a0d46182-0600-4a01-ad13-18ca0c0fc701
.ad-srv.net/	1970-01-20 00:34:47	Name: u8x7eovwf3h6_uid Value: 78318c852633fa17
.ad-srv.net/	1970-01-20 00:34:47	Name: v0rur7gqspb3_uid Value: 4a13a166eefdb98e
.awin1.com/	1970-01-19 22:35:15	Name: awpv14098 Value: 559379\|1635911169\|94b8cb51-3c58-11ec-90f8-22619bdcb571
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379082:2519508
.mathtag.com/	1970-01-19 23:08:23	Name: mt_misc Value: mt_bt:1
.criteo.com/	1970-01-20 07:46:47	Name: uid Value: 64c6a6a1-eaaa-47cd-8d72-c53acfc05f6a
.thetruedefender.com/	1970-01-20 07:46:47	Name: cto_bundle Value: yiiH719GbFI2cEd2QWdmRHdDYnJGMmFzdUUwJTJGNmlJTnc2bnZ4Y3R5NHJhTkdhQ2luVUY2U2NmamNwd2tNM2JSSXp4bnVDS0JvJTJGUXp3V0gxVmRLVHFMJTJGWTZwR2EyTU9jMXpWeUFxWmxReWdBMkolMkZrUWpWWWkwZSUyQkdzZHdjU3paWjg2OFdRMCUyQndvbXJWYWhnNkNFUFVrZ3BUR3diSFpjUmFVUTk1RGU0T0tONzkwTm8lM0Q
.bidswitch.net/	1970-01-20 07:10:47	Name: tuuid Value: b10b8095-2f9d-4772-990b-4ec77958b6dc
.bidswitch.net/	1970-01-20 07:10:47	Name: c Value: 1635911171
.bidswitch.net/	1970-01-20 07:10:47	Name: tuuid_lu Value: 1635911171
.pubmatic.com/	1970-01-20 00:34:47	Name: KADUSERCOOKIE Value: 90032D93-FE52-40CB-9010-4C37E2893EE9
.smartadserver.com/	1970-01-20 07:53:59	Name: csync Value: 25:a0d46182-0600-4a01-ad13-18ca0c0fc701\|91:90032D93-FE52-40CB-9010-4C37E2893EE9
thetruedefender.com/	1970-01-20 07:46:47	Name: cto_bundle Value: grMNfV9pWWU5VVFPVjFTVmptRGhRTHY1cm1JbXpHc3JNYlRUTjRlWm5RaTJNVExEYXMlMkZLcllHZE5ROTAlMkJZRThjZlNHQ3dIZmJxQlZmQmRQOFhBS1ZEQWhMNVhZV1poZFVZc1hBZ2pWTVVIQ2k3NXA2VTFCVXdaeEZpU01aWTJtZkZ4YjQyYkpYRk0xQ1B6dGdmeDNHN3glMkJHU2c2b21ycHhBdEFqZ29MMCUyRlRvbnVWUSUzRA
thetruedefender.com/	1970-01-20 07:46:47	Name: cto_bidid Value: RDP1NV9IZXRnVjBhQ3NWWXdoQXA1OUUxJTJGVzVjRHRzMlRTR0ZxR3lMcmslMkY3ZE9LTWJ1WXBDSDJKNUZCSWt0STR4a241dVZPWkdiVSUyQlNGJTJCa1QxakJIR0JEd2kzM3NIMmc2NVJBUFJNeEQ3YmoycDM4T3hrYXJLZzlzZWxJWGx4dE5BWEYy
.sharethrough.com/	1970-01-20 07:10:47	Name: stx_user_id Value: de314e22-4a6f-41e0-b3a3-df1502b4a7b3
.id5-sync.com/	1970-01-19 22:25:11	Name: cf Value:
.id5-sync.com/	1970-01-19 22:25:11	Name: cip Value:
.id5-sync.com/	1970-01-19 22:25:11	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:25:11	Name: car Value:
.id5-sync.com/	1970-01-19 22:25:11	Name: gdpr Value:
.casalemedia.com/	1970-01-20 00:34:47	Name: CMPS Value: 3229
.casalemedia.com/	1970-01-20 07:10:47	Name: CMID Value: YYIGA6fct9dv-hZsj.eYMwAA
ads.avct.cloud/	1970-01-20 07:10:47	Name: uuid Value: 6c569f8d-0859-49d0-a71b-7d9d40020aa4
.advertising.com/	1970-01-20 07:12:13	Name: APID Value: UP9641dd08-3c58-11ec-8648-0226963cdaa0
.yahoo.com/	1970-01-20 07:11:08	Name: A3 Value: d=AQABBAMGgmECEJkrMovwx_J51gqdy3VQaoYFEgEBAQFXg2GLYQAAAAAA_eMAAA&S=AQAAAtKVBv-RalH_mTsC4LAjcJk
.id5-sync.com/	1970-01-19 22:25:11	Name: callback Value:
.casalemedia.com/	1970-01-20 00:34:47	Name: CMPRO Value: 1137
.id5-sync.com/	1970-01-20 00:34:47	Name: id5 Value: 95bc2e06-2aef-472f-bbee-e807872ba0aa#1635911171722#2
.id5-sync.com/	1970-01-20 00:34:47	Name: 3pi Value:
.adsniper.ru/	1970-01-27 05:37:11	Name: uuid3 Value: IiQ5NjQ5MzM5Yy0zYzU4LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.adhigh.net/	1970-01-20 07:10:47	Name: gi_u Value: uqiPltNHDkN.AikABlF84-d-tg
.analytics.yahoo.com/	1970-01-20 07:12:13	Name: IDSYNC Value: "192w~21bf:192x~21bf"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP9641dd08-3c58-11ec-8648-0226963cdaa0
.yahoo.com/	1970-01-19 22:26:37	Name: APIDTS Value: 1635911171
.ads.pubmatic.com/	1970-01-19 22:26:37	Name: KCCH Value: YES
.adhigh.net/	1970-01-20 07:10:47	Name: btw_sync Value: IYt
ms.quantumdex.io/	1970-01-23 14:01:11	Name: qdsp_uid Value: a4f082ae-77c9-4897-98ff-93cd42f966c9
.bumlam.com/	1970-01-27 05:37:11	Name: suuid3 Value: IiQ5NjQ5MzM5Yy0zYzU4LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.1rx.io/	1970-01-20 07:10:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003%22%7D
.lijit.com/	1970-01-20 07:10:47	Name: ljt_reader Value: 8ec93e25daa36bf8d849c7b5
.w55c.net/	1970-01-20 07:53:59	Name: wfivefivec Value: 7ie83YZF1MI7e35
pool.admedo.com/	1970-01-20 07:10:47	Name: tuuid Value: 265ee97f-3add-4428-924a-75bc3383eb4c
pool.admedo.com/	1970-01-20 07:10:47	Name: c Value: 1635911171
pool.admedo.com/	1970-01-20 07:10:47	Name: tuuid_lu Value: 1635911171
.admixer.net/	1970-01-20 15:56:23	Name: am-uid Value: e713cc1c095b4191b99db22b2f53e2c6
.adsrvr.org/	1970-01-20 07:10:47	Name: TDID Value: 2ea3f58f-3d91-49d2-a245-d0a8bd55c98f
.w55c.net/	1970-01-19 23:08:23	Name: matchcasale Value: 5
.acuityplatform.com/	1970-01-20 07:10:47	Name: auid Value: 619325531603
.acuityplatform.com/	1970-01-20 07:10:47	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBPjh8d3yOmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT44fHd8jo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.doubleclick.net/	1970-01-20 07:46:47	Name: IDE Value: AHWqTUnAlfDOmu7t2o8a1vv3HvhZzEx1aBNa7mU7U-q58q6RNiO08kCmoMtqzy798_o
.targeting.unrulymedia.com/	1970-01-20 07:10:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1be47b1e-b383-4e17-84e2-2d44e9f6c806-003%22%7D
.creative-serving.com/	1970-01-20 07:46:47	Name: c Value: 1635911171
.creative-serving.com/	1970-01-20 07:46:47	Name: tuuid Value: a3fe6e0a-237a-45fc-bfe9-9208b1e6ec2e
.adsrvr.org/	1970-01-20 07:10:47	Name: TDCPM Value: CAEYBSABKAIyCwjg-_3b5qGPOhAFOAE.
.casalemedia.com/	1970-01-19 22:26:37	Name: CMST Value: YYIGA2GCBgQA
.creative-serving.com/	1970-01-20 07:46:47	Name: tuuid_lu Value: 1635911172
.rfihub.com/	1970-01-20 07:46:47	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjA0szAzNLCwMBXiM9Qt1i0Idc30C_RIDy2T4jU0Mza1NDQ0NDcyMLIEAOvUyag0AAAA
.rfihub.com/	1970-01-20 07:46:47	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmxqaWhoaG5kYGwAADx8Bj4QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjA0szAzNLCwMBXiM9Qt1i0Idc30C_RIDy0DAFqwgPwlAAAA
.everesttech.net/	1970-01-20 07:10:47	Name: everest_g_v2 Value: g_surferid~YYIGAwABrEZjrgAz
.crwdcntrl.net/	1970-01-20 04:53:56	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:53:56	Name: _cc_id Value: db2de25b261184eaf5aaa18c9afe1845
.crwdcntrl.net/	1970-01-20 04:53:59	Name: _cc_cc Value: "ACZ4XmNQSEkySkk1Mk0yMjM0tDBJTUwzTUxMNLRItkxMSwUKmDIAQWITGwuIhgIAX48KVQ%3D%3D"
.crwdcntrl.net/	1970-01-20 04:53:59	Name: _cc_aud Value: "ABR4XmNgYGBIbGJjAVJQAAAMbgDu"
.betweendigital.com/	1970-01-20 07:10:47	Name: ut Value: YYIGBAABJPgHXegEeRfrIsTV4k54XopH3p2raA==
.eqads.com/	1970-01-20 00:37:39	Name: EQUser Value: UID=daed8e0b-0879-43f4-942a-f9e1ea895717
.aidata.io/	1970-01-20 15:56:23	Name: __upints Value: 1635911172
.aidata.io/	1970-01-20 15:56:23	Name: __upin Value: cG7O1idMUnVNMvi5Fds2gA
x01.aidata.io/	1970-01-19 22:25:11	Name: adsnpr Value: 1
.sniperlog.ru/	1970-01-20 15:56:23	Name: guid Value: 470EBDF2A9BE80DA
.casalemedia.com/	1970-01-20 07:10:47	Name: CMRUM3 Value: 27618206030b40&bc6182060305a00&40618206042760no-consent&03618206032760a0d46182-0600-4a01-ad13-18ca0c0fc701&2f6182060327607ie83YZF1MI7e35&2d6182060305a0&e6618206032760&396182060305a0&28618206042760daed8e0b-0879-43f4-942a-f9e1ea895717&f16182060305a0&c3618206042760av-b86979b0-d53e-4712-84e3-a7c909dd17a1&58618206042760YYIGAwABrEZjrgAz
.tns-counter.ru/	1970-01-20 07:10:47	Name: guid Value: 1C9F690061820604X1635911172

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/ Message: Access to XMLHttpRequest at 'https://links.services.disqus.com/api/ping' from origin 'https://thetruedefender.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://links.services.disqus.com/api/ping Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript	warning	URL: https://thetruedefender.com/johnson-johnson-recipients-35-times-more-likely-to-develop-deadly-blood-clot-in-the-brain/ Message: The resource https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-19.png?resize=703%2C383&ssl=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
acdn.adnxs.com
ad.ad-srv.net
ad12.ad-srv.net
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
an.yandex.ru
ap.lijit.com
apps.sascdn.com
bcp.crwdcntrl.net
bidder.criteo.com
bidswitch-eu.splicky.com
c.disquscdn.com
c0.wp.com
cache.betweendigital.com
cdn.connectad.io
cdn.contentspread.net
cdn.jsdelivr.net
cdn.viglink.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn4.telesco.pe
ced-ns.sascdn.com
clientcdn.pushengage.com
cm.g.doubleclick.net
cmp.optad360.io
cookie-matching.mediarithmics.com
crb.kargo.com
cs.lkqd.net
dis.criteo.com
disqus.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
gu.dyntrk.com
gum.criteo.com
i.connectad.io
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
inv-nets.admixer.net
itx5.smartadserver.com
links.services.disqus.com
lockerdome.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
media.kaspersky.com
ms.quantumdex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.wp.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
px.adhigh.net
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adpone.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
std.wpcdn.pl
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
tags.mathtag.com
thetruedefender-com.disqus.com
thetruedefender.com
tlgr.org
token.rubiconproject.com
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
useast.quantumdex.io
users.api.jeeng.com
www.awin1.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
www8.smartadserver.com
x.bidswitch.net
x01.aidata.io
xn--r1a.website
links.services.disqus.com
ssc-cms.33across.com
104.109.78.125
104.111.239.217
104.154.142.214
13.35.253.128
135.125.160.77
142.250.186.162
145.239.2.103
146.0.227.109
146.20.132.120
147.75.38.124
149.154.164.24
151.101.192.134
151.101.194.49
151.101.65.108
151.236.71.146
154.59.122.79
157.90.157.235
169.197.150.7
172.217.18.98
178.162.133.149
178.250.0.157
178.250.0.163
178.250.2.131
18.159.140.98
18.184.122.71
18.196.195.54
18.197.87.177
18.213.10.151
18.235.172.182
185.184.8.65
185.29.132.242
185.29.132.245
185.33.220.100
185.33.220.145
185.85.15.31
185.86.137.133
185.86.137.32
185.86.138.121
185.86.138.32
185.94.180.126
192.0.76.3
192.0.77.2
192.0.77.37
193.0.160.128
193.232.150.45
198.47.127.19
199.232.192.134
199.232.194.49
2.18.233.180
2.18.233.201
2.18.234.21
2.19.35.65
2001:6d0:4001::226
212.77.98.32
212.77.99.29
213.19.147.44
2600:9000:2057:6a00:6:8656:f5c0:93a1
2600:9000:2057:d800:b:6268:b880:93a1
2600:9000:206f:1800:a:cbb7:a940:93a1
2600:9000:206f:a200:11:a4de:2580:93a1
2600:9000:206f:de00:6:b871:4f00:93a1
2606:4700:10::ac43:264e
2606:4700:10::ac43:2ac6
2606:4700:10::ac43:8ae
2606:4700:20::681a:842
2606:4700:20::681a:9a9
2606:4700:20::ac43:49e4
2606:4700:20::ac43:4a81
2606:4700::6810:5514
2606:4700::6810:a40d
2a00:1450:4001:809::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9d
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00::210:ba1b
2a02:26f0:6c00::210:ba29
2a02:6b8::90
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3605:6798:75ff:a274:9693
3.126.56.137
3.127.192.192
3.127.51.194
3.33.220.150
31.172.81.158
31.172.81.159
31.172.81.172
35.171.36.131
35.210.53.219
51.75.146.199
51.89.9.253
52.16.214.249
52.214.235.66
52.46.154.242
54.194.226.253
54.37.103.83
66.155.71.25
69.173.144.139
72.251.249.9
82.145.213.8
89.108.120.76
94.130.102.164
95.216.186.40
96.46.186.57
012d6655ff71c3ac8ec1cb10181c397023e07c6330f0e83b94dce9a399322982
015964ab01e4bd0a7384e8ac665f75be9388c6810a696c443051a6395d7c36fd
01f33379002ab450c9b1438038e921c12d134e1c337b7ba88c61793dcd5efcdc
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1
0a8821fcb1fbf648fbd3b95cc8daedaa0353c1e740812fdcb874e4a577be848c
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
11988b053ee3e2027e550a67fdd7f02e1f77823726277fa40185652113f9cea5
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18a73abf3ef25450a8de83d888954e474257c716355c91c5243dccbf378b958c
1a33fc4d9c68aac94d22d465a20e369746def584c89259397a4274cb1310c83a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1eeaa9afd461c6df55ffad40e5b003b9f2303727cc0276e677cf61bf9023284a
1f6075c07d91f0490ee52a0fe5e9bc6c6ce8064b52d7345362c7b16a7ab19144
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2302d34764f7b806279f7b09e73229998032e53633d6eea718e5a1cd134f3fba
23695860a414cbbe4eb223a9ef31f944a10eb43953b59b5eca3e069ebf3db31c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2675b85ba20e9b01d3a1b39bbc108b3d6d2f76d6f1ad405870db5f80e24675f3
26dba57dc61a6db40c16c6db92c90f267b77a8ba5b458a605a0d3e00bfaf0b6a
2763b6b135badda78c1646d336e83da1faa0d200290bbf4106b552fcb64f68c2
2845f9d49b679d986fe78483792840b0d90bd8988570d21d0547e706b4f14148
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2f5159a5a4567c1c1a7406088ac84919717d451a166953ee0eccad89d65151c9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
30af6f70ad452e4434de230633f43dde7122fb2e286cfa5367971193f8e43ee0
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
336cd0661033266d2e2bbfba4a0f9d9d4db13d1fc021ddb0f9d2ceb369e7675e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e6a588d4af02cc12d4df410a025801d95540ba12819ab33aed491854314dea
3ba2c590c10398cdd1488c24d30220c44e4faa04eeaa2d874a14da5d550b7b18
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e32dd5f51c877408019caff9857888020ce7779f99bda59d10d113f7604c0b4
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff06a01fd3406fbe5ed6fcb93fd667778a16c68f9ca624cc7706e41de582f7f
410496480e4dce77b2305cc51fc7445c74d486605957655f41b60ee3028f04b3
42272bb6b3ae99f0411515ddc63cbf7f54c0be742a2928eb00921061a6f1d8db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
4f41cc4fab403de9d228f97f48da9d1985a2a00307ec22f09cd7f7b1e98470c4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5002b8d43a7f9cfabd24e10167b71039b80f9a34fb9e77c51f94a4604c6115cf
50b8c8186c42f2c359478833bd354794e1025cfe16665c6348d7a9256b5280c2
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
5269b569fa0528a8a3b2ab46ab09447408391e7287f03c6a8523fcbf7239f3b8
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ba0ec0af83cc83420c2fc19d6e29f5e2c3a46f7f33b3738c7d5fc641d87e9b3
5ba4f5a677d6ea902838fd0129ecf4bf43b6b9f81b266b250e932ae49f1d9564
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
600873ea1765d20223f233b5aa46ae011a7ac5602aad3fa12d47e795f76245a8
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
60c6565dc4af986490c60907f5c62642b3435afee9b6ee2af562becfe62f32aa
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61
63732b65458ad902dda93dbf9b0673466b89492be178669f64e49618aecb5b91
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680f8ba0bf1c44518c2fda751b21aa0edc7c29ef0e7bead7d00a44a14b5d5b13
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6fc1d7688e89f9c61560d6352e37ad58b33bfb2f207b254a614241f826b2928e
70fedf5fb986e73167530f1acf001c1cfc07af1e0c21c4607513ad3356a8a078
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
7645bb69411d19317f374ba4f6d27b8e5e6834d48e4013e2a8a47bce331d4c78
7a8bc93c8b7c1c6fab22bc0b52eda3f07b7ba61ae93f437fdb98746af1d4a558
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
7c5ad9508977fa9a8685857181c93948a27aa92116e4801d95f3238c82075bd4
7db2f03af35fd402061f0935eba0eea487e765b7126e2de7d2a998fb090d479f
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7ed7991567af566628cbb8a721f6a4eac1d43220eba83867a6b4360b0cb490f1
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
804edab225f50363a8d2d5debbebac673353395388269e4213346d6b72828a7a
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba745993d99450e69ae86baf024e8117e1811a931d8d9c08b1eeaffa39ad027
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbf7b01eb96e3352bcc1e7ac6ee1fc248dab7a0c41cebef4dc2b3a85db9f1bc
8f1e043677b4cd7b01fd97876fd219441e856eed474498e034f5b412739fabf5
8fd447e8093041ec5487dd81649b6eca2642464d3357d115ba7532eebe9dd855
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b
94b0dd7a061f80bc838b0095bff0280e06b1eef839dc2d5fcd1b0b91c20d5386
94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6
95f7f517e7dcdf1370d5b560b6c462c344587a364743fc2242a3a6d6f38dd4ff
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
983eee41d6f692856be539a5bd9796b4438b7daa7fc51b4b29926174434816db
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9ab713c4808b14a9833a5224815508ae311222528bf5d4d3be0c7906cb1318d5
9be752cabf1a0d29c7d289aa07ac73ccdbc11181d860a47c649351d3a1a959a8
9de84011a19eadec27aa6f17f948ab24b3db073324bbd04f8550d7a08bd94fd5
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9f65c2e6dbf8b0af93b7f8c61f82f15a3694c91e7172fe015cf453c7d99ddabe
a01010f4da8ada0195146fe8ecafc42c9c8b1f0e2db5a94e3906bb22189e88a2
a015c01558367aaf8c7f7f01dac77bd83041b6977bddae75532bc9bbd2543421
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a83ff5c86bbf59b15b43075985d9afe76aa9fd4d00d15e44964ef45b9423bbf2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ab4b0790064c3276c82088168c2ef48ed394b14a3f9c35283fd05e6449907220
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ad7876e3f3c6357a857e57c26cb1710a6c1dee5d83b3bc3dc9888aa44d6073f3
adedc6b523d63c790806cb4a54fd85d1ba4e31e38dd5dcc0d60ed2e666fb6506
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
ae6cb4a31b3412571acc266a1ab4cd481b6493df3a260310dd838db04d2074dc
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23622b123493be701aa3dc1770b2702145a2ef9172368a407c7c2b980b19840
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886
b63142ffd137bafdfb2edfc236470f0dd20e94fe6dc0d514d4af1590e5a86d23
b9b119103a6c75308bbc9ba8dc606a095dd200104de1398912c0ba8ad33ac305
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba3e3f22592ee6f8bb60554a0ab8f93d5295790ed1bdb457ccd280aeea784c19
bb21eb96cfc09caf55334305afc860381c000fd87d7e078731e535fe8e31c767
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c31acb5a1bfd3279d02d72ee15f789cf17d5a3b7aedbccfd69c7fd0c9231249f
c69d743f01faeaae4d483a43b291a4f5a509c350a89098748ff43072fc67004c
c74e03c5f06c7a777111870687ac13741bbe623067bec980374ba3d668904311
cb5354eaf3338ea8948bdd5f4560f645ab1d47ad802fb0dc4968698f8ae8774c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb56bcd86fcdb627e80e25530b6b2dbbc73edb89112430f4b76056573f76cb5
d062848ac0750e58a19ab884d869c291bb7e13c73d46a83c8432eebf01a35d04
d1130cdd4fefa1ae93c7389e23f6fc68200b0e7be18245ab2e153bdfbc003a24
d18e23de780fbbf862588615348da839634bd712c4a43690735d786c4807fb93
d2601de99d171f4eb71a0dfa4c118703fd889e63fa6eacb00245eadc3fb30686
d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52
d859402073416136cd706c883ae28bb041a61c6f6ff181e0ae9c06ed9631d82e
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
d9d3b25960c2c0d0cdfd36f4e5951990cbd116204622bdcb13fe8ad839a38300
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df923a26f3910e55eb879b3ab4a719a2bafb652dcf1b9c04395ad625d45faf21
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e9c5e45db2a6da7e3d12f2a1ac2aa24f0631c80bb914595e47548e5b6dc4fd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e80d5392b96d4b7baa52d6002ae2c9031ceaa5b2734dbd06a6f6ba17fba9dea0
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea17bb1ebafe95c08e86f3826d788a91ea35bba8e05caa077f1f87ca546e8246
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ebdac9ced834c380be11188dfde264ceb2c23b9ad5295a9f0e8aa65bcf3bd152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f6a3cc344659205cdf280b9173c4e1d1ff1d21f3637d1ed5b021d00ed8eb7924
f6acf35d1e8cbeab8e47c576dd76e1c0d50a522e01f38c24ec0a980059bed358
f8374fd41dba00c2db7d80888b361ff3cb0291093144ba8387e9ebaf38e7cefd
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd45d8c89df8b3a1d69431e2d09284cf2964581415239fc2d340f2a4cea73aaa
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c
ff55f81c3b7d4ec7f0ff201f16d742ab5c9ceb8b43adc0b4fbd9090119e19216

thetruedefender.com Open in urlscan Pro 2606:4700:20::681a:842 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

465 Requests

75 %HTTPS

25 %IPv6

85 Domains

120 Subdomains

84 IPs

11 Countries

4279 kBTransfer

8229 kBSize

95 Cookies

16 Outgoing links

Redirected requests

465 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thetruedefender.com Open in urlscan Pro
2606:4700:20::681a:842 Public Scan

Screenshot
Live screenshot

Full Image

465
Requests

75 %
HTTPS

25 %
IPv6

85
Domains

120
Subdomains

84
IPs

11
Countries

4279 kB
Transfer

8229 kB
Size

95
Cookies

465 HTTP transactions
7 data transactions