urlscan.io logo urlscan.io
SecurityTrails logo

www.investigationdiscovery.com Open in urlscan Pro
18.64.79.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://actr.crimefeed.com/
Effective URL: https://www.investigationdiscovery.com/
Submission: On February 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 24 domains to perform 53 HTTP transactions. The main IP is 18.64.79.16, located in United States and belongs to AMAZON-02, US. The main domain is www.investigationdiscovery.com. The Cisco Umbrella rank of the primary domain is 263638.
TLS certificate: Issued by Amazon on June 29th 2021. Valid for: a year.
This is the only time www.investigationdiscovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.218.23.240 14618 (AMAZON-AES)
5 18.64.79.16 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
3 34.120.195.249 15169 (GOOGLE)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
2 52.222.236.7 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
2 162.247.242.31 23467 (NEWRELIC-...)
16 52.54.60.105 14618 (AMAZON-AES)
6 52.209.85.214 16509 (AMAZON-02)
1 2 108.157.4.80 16509 (AMAZON-02)
1 54.220.215.179 16509 (AMAZON-02)
1 1 52.50.54.3 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
2 3 142.250.186.130 15169 (GOOGLE)
6 6 151.101.194.49 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.64.79.85 16509 (AMAZON-02)
1 3.122.111.84 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 104.244.42.67 13414 (TWITTER)
2 2 99.86.3.116 16509 (AMAZON-02)
1 1 44.196.109.196 14618 (AMAZON-AES)
1 54.76.155.32 16509 (AMAZON-02)
1 2600:1f18:659... 14618 (AMAZON-AES)
1 34.98.64.218 15169 (GOOGLE)
1 2 185.94.180.126 35220 (SPOTX-AMS)
53 23
1    3.218.23.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-23-240.compute-1.amazonaws.com
actr.crimefeed.com
5    18.64.79.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-16.txl50.r.cloudfront.net
www.investigationdiscovery.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
3    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o95853.ingest.sentry.io
1    2a02:26f0:fb:580::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    52.222.236.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-7.fra56.r.cloudfront.net
prod-realmservice.mercury.dnitv.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk
bam.nr-data.net
16    52.54.60.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-60-105.compute-1.amazonaws.com
us1-prod-direct.investigationdiscovery.com
6    52.209.85.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-85-214.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    108.157.4.80 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
1    54.220.215.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-215-179.eu-west-1.compute.amazonaws.com
scripps.demdex.net
1    52.50.54.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-54-3.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
rtd.tubemogul.com
rtd-tm.everesttech.net
sync-tm.everesttech.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.64.79.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-85.txl50.r.cloudfront.net
us1-prod-images.disco-api.com
1    3.122.111.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    99.86.3.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-116.fra6.r.cloudfront.net
ads.scorecardresearch.com
1    44.196.109.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-109-196.compute-1.amazonaws.com
usermatch.krxd.net
1    54.76.155.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2600:1f18:6593:f600:d00c:d52c:5371:efa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
Apex Domain
Subdomains		 Transfer
21 investigationdiscovery.com
www.investigationdiscovery.com — Cisco Umbrella Rank: 263638
us1-prod-direct.investigationdiscovery.com — Cisco Umbrella Rank: 611094
1 MB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
scripps.demdex.net — Cisco Umbrella Rank: 5019
10 KB
6 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 992
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2397
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
ads.scorecardresearch.com — Cisco Umbrella Rank: 1878
2 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
1 KB
3 sentry.io
o95853.ingest.sentry.io — Cisco Umbrella Rank: 179067
503 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1214
beacon.krxd.net — Cisco Umbrella Rank: 408
529 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
480 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
804 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 612
519 B
2 dnitv.com
prod-realmservice.mercury.dnitv.com — Cisco Umbrella Rank: 132592
583 B
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 509
p.typekit.net — Cisco Umbrella Rank: 656
1000 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
3 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
274 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11738
411 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 537
285 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 529
595 B
1 disco-api.com
us1-prod-images.disco-api.com — Cisco Umbrella Rank: 40439
270 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 tubemogul.com
rtd.tubemogul.com — Cisco Umbrella Rank: 6704
268 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 367
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
55 KB
1 crimefeed.com
actr.crimefeed.com
222 B
53 24
Domain Requested by
16 us1-prod-direct.investigationdiscovery.com www.investigationdiscovery.com
6 dpm.demdex.net www.investigationdiscovery.com
5 www.investigationdiscovery.com www.investigationdiscovery.com
4 sync-tm.everesttech.net 4 redirects
3 cm.g.doubleclick.net 2 redirects
3 o95853.ingest.sentry.io www.investigationdiscovery.com
2 sync.search.spotxchange.com 1 redirects
2 ads.scorecardresearch.com 2 redirects
2 www.facebook.com
2 idsync.rlcdn.com 2 redirects
2 sb.scorecardresearch.com 1 redirects
2 bam.nr-data.net www.investigationdiscovery.com
2 prod-realmservice.mercury.dnitv.com www.investigationdiscovery.com
2 fonts.googleapis.com client
1 us-u.openx.net
1 dmp.v.fwmrm.net
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 analytics.twitter.com
1 d.agkn.com
1 us1-prod-images.disco-api.com
1 fonts.gstatic.com fonts.googleapis.com
1 rtd-tm.everesttech.net 1 redirects
1 rtd.tubemogul.com 1 redirects
1 cm.everesttech.net 1 redirects
1 scripps.demdex.net www.investigationdiscovery.com
1 js-agent.newrelic.com www.investigationdiscovery.com
1 p.typekit.net use.typekit.net
1 use.typekit.net client
1 www.googletagmanager.com www.investigationdiscovery.com
1 actr.crimefeed.com 1 redirects
53 31

This site contains no links.

Subject Issuer Validity Valid
*.investigationdiscovery.com
Amazon		 2021-06-29 -
2022-07-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
*.ingest.sentry.io
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-05 -
2022-12-06		 a year crt.sh
*.mercury.dnitv.com
Amazon		 2022-01-20 -
2023-02-17		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.disco-api.com
Amazon		 2021-10-04 -
2022-11-02		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-13 -
2022-02-11		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.investigationdiscovery.com/
Frame ID: 4F2C37679A851863E64B387B7E5387B5
Requests: 32 HTTP requests in this frame

Frame: https://scripps.demdex.net/dest5.html?d_nsid=0
Frame ID: CAB8E2DE38E6356088BAA53720349E80
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ID GO - Watch TV Shows Online

Page URL History Show full URLs

  1. http://actr.crimefeed.com/ HTTP 301
    https://www.investigationdiscovery.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

53
Requests

79 %
HTTPS

24 %
IPv6

24
Domains

31
Subdomains

23
IPs

4
Countries

1524 kB
Transfer

4640 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://actr.crimefeed.com/ HTTP 301
    https://www.investigationdiscovery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://sb.scorecardresearch.com/p?c1=9&c2=31602802&ax_uuid=1643936863339203e060d8d714a4a54902145e0d37d31&ns__t=Fri%20Feb%2004%202022%2001:07:43%20GMT+0000%20(GMT)&ns_c=UTF-8&cv=3.1&c8=&c7=https%3A%2F%2Fwww.investigationdiscovery.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=31602802&ax_uuid=1643936863339203e060d8d714a4a54902145e0d37d31&ns__t=Fri%20Feb%2004%202022%2001%3A07%3A43%20GMT%200000%20(GMT)&ns_c=UTF-8&cv=3.1&c8=&c7=https%3A%2F%2Fwww.investigationdiscovery.com%2F&c9=
Request Chain 28
  • https://cm.everesttech.net/cm/dd?d_uuid=15467453846319450090291898350234313150 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yfx8XwAAAMcYbAQf
Request Chain 35
  • https://idsync.rlcdn.com/365868.gif?partner_uid=15467453846319450090291898350234313150 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTU0Njc0NTM4NDYzMTk0NTAwOTAyOTE4OTgzNTAyMzQzMTMxNTAQABoNCOD48Y8GEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=7d6d3dc50aa3a109b8d2f19b1f1fc09dffac84753fbf6c220d5b9497e8364516b0da87c991749652
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTU0Njc0NTM4NDYzMTk0NTAwOTAyOTE4OTgzNTAyMzQzMTMxNTA= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTU0Njc0NTM4NDYzMTk0NTAwOTAyOTE4OTgzNTAyMzQzMTMxNTA=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHUG2BIna5QIcrJOhpKV6cg&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 37
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=Yfx8XwAAAMcYbAQf
Request Chain 45
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=15467453846319450090291898350234313150&rn=1643936863473&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D15467453846319450090291898350234313150 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=15467453846319450090291898350234313150&rn=1643936863473&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D15467453846319450090291898350234313150 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=15467453846319450090291898350234313150
Request Chain 46
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=15467453846319450090291898350234313150 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=15467453846319450090291898350234313150
Request Chain 48
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWZ4OFh3QUFBTWNZYkFRZg==
Request Chain 49
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yfx8XwAAAMcYbAQf
Request Chain 50
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yfx8XwAAAMcYbAQf&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yfx8XwAAAMcYbAQf&img=1&__user_check__=1&sync_id=dc1fcead-8556-11ec-8304-1dbc55590506
Request Chain 51
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yfx8XwAAAMcYbAQf&t=2592000&o=0

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.investigationdiscovery.com/
Redirect Chain
  • http://actr.crimefeed.com/
  • https://www.investigationdiscovery.com/
70 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-16.txl50.r.cloudfront.net
Software
/
Resource Hash
6121111febfcd8413891d8254f64769b3fed960fe5ac93f8cec9716cb47086e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Fri, 04 Feb 2022 01:07:41 GMT
last-modified
Thu, 06 Jan 2022 17:00:33 GMT
cache-control
public, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains max-age=15724800; includeSubDomains;
x-content-type-options
nosniff
content-encoding
gzip
etag
W/"61d72031-11913"
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-amz-cf-id
Kv8Hw2hMCkRs0ozbBaVH7eOCTfKdUVlmChVExcNj0MduxR0kyJGtTw==

Redirect headers

Content-Type
text/html
Date
Fri, 04 Feb 2022 01:07:54 GMT
Location
https://www.investigationdiscovery.com/
Server
nginx/1.4.6 (Ubuntu)
Content-Length
193
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		180 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-544SVFJ
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
441194771bd04c3cd47908b57352ad2746d4a7d29e714fa4733fb4a0dd68191e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:07:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56108
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Feb 2022 01:07:41 GMT
vendors~main-55898287df856e78d6f0.js
www.investigationdiscovery.com/ 		368 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/vendors~main-55898287df856e78d6f0.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-16.txl50.r.cloudfront.net
Software
/
Resource Hash
da17af1c35a81a9727f5ceddecc2df74f0e782f0bae10c4d4a5206d56a581f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 07:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Jan 2022 17:00:34 GMT
age
1878583
etag
W/"61d72032-5bf05"
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P2
vary
Accept-Encoding
x-amz-cf-id
mF0hSxGLhkvM7seswgBqcRjmLpt5TL8VqBBwD3P-sVayTerefaF_rA==
main-55898287df856e78d6f0.js
www.investigationdiscovery.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/main-55898287df856e78d6f0.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-16.txl50.r.cloudfront.net
Software
/
Resource Hash
b601257ceb37d1ea14193b3ef842de9cdb3cb1894bbf266c6503c279bcb42ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 07:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Jan 2022 17:00:33 GMT
age
1878583
etag
W/"61d72031-221f"
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P2
vary
Accept-Encoding
x-amz-cf-id
mXsas1jmLwOdqGsFM1epbCo8l4uQPIPTVVrTBADFLS8xA1IciFz13g==
css2
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 23:22:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 04 Feb 2022 01:07:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Feb 2022 01:07:41 GMT
css2
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 23:22:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 04 Feb 2022 01:07:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Feb 2022 01:07:41 GMT
ple4uwa.css
use.typekit.net/ 		1 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ple4uwa.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e57e0f56d5aa15ac4668611a8a792656dde1f288068e01fbabb6b57fb2fb2607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 04 Feb 2022 01:07:41 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
587
/
o95853.ingest.sentry.io/api/5808589/envelope/ 		2 B
255 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o95853.ingest.sentry.io/api/5808589/envelope/?sentry_key=3e34e68862ff4522b46b4b80af0a8f44&sentry_version=7
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/vendors~main-55898287df856e78d6f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.investigationdiscovery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 04 Feb 2022 01:07:41 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
7-55898287df856e78d6f0.js
www.investigationdiscovery.com/ 		3 MB
852 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/7-55898287df856e78d6f0.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-16.txl50.r.cloudfront.net
Software
/
Resource Hash
ab1aec95ece8baf99430c7539618c1dc481a67f051a9ad12e18f85df5cbab3a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 07:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Jan 2022 17:00:33 GMT
age
1878582
etag
W/"61d72031-2d4007"
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P2
vary
Accept-Encoding
x-amz-cf-id
HjDU_rFJPEDLHZSOUuuTKgzlvbLYSDKxVBDgozd209FPDk3qZsEohw==
6-55898287df856e78d6f0.js
www.investigationdiscovery.com/ 		690 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/6-55898287df856e78d6f0.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-16.txl50.r.cloudfront.net
Software
/
Resource Hash
f6d8771b7ec72296922b7ba198de52f4fab7a9d32303fbbda3b53defba340f1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 07:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Jan 2022 17:00:34 GMT
age
1878582
etag
W/"61d72032-ac6b2"
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P2
vary
Accept-Encoding
x-amz-cf-id
HIyG9noakAGT9CtxxIRYI217814OeqXdS-QfTrxZ4F03dDQG4yQPew==
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ple4uwa&ht=tk&f=44428&a=27519086&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ple4uwa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:580::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:07:41 GMT
last-modified
Wed, 02 Sep 2020 00:55:27 GMT
server
nginx
etag
"5f4eed7f-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
www.investigationdiscovery.com
prod-realmservice.mercury.dnitv.com/realm-config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-realmservice.mercury.dnitv.com/realm-config/www.investigationdiscovery.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-7.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-website-hostname
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:21 GMT
server
nginx
access-control-allow-methods
GET, HEAD, POST
access-control-allow-headers
content-type, x-disco-website-hostname, x-forwarded-for, Accept, Accept-Language, Content-Language
access-control-allow-origin
*
cache-control
max-age=60
x-cache
Hit from cloudfront
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
sRozwhYJ5o_epizQfYwPMdDbIfoaPSYsYCOFabMKgjdqbBKybYNPGg==
age
20
www.investigationdiscovery.com
prod-realmservice.mercury.dnitv.com/realm-config/ 		249 B
583 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-realmservice.mercury.dnitv.com/realm-config/www.investigationdiscovery.com
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-7.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7eb69baabd932a64acda6c41ce08a618e04f90d34146015b90a6cb7393963df2

Request headers

Referer
https://www.investigationdiscovery.com/
X-disco-website-hostname
www.investigationdiscovery.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:07:21 GMT
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
server
nginx
age
20
x-cache
Hit from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
max-age=60
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
rLiRD22OadK0yUb1QLYF-evd3ayb_E3fJOxTt8NrWtF21iEZUDv3lw==
nr-spa-1211.min.js
js-agent.newrelic.com/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1211.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
CLSa7QJ2hagEFCkLjcLamPCZ0EDdPlaV
content-encoding
gzip
etag
"a5ee6c68d7de5e7446d73910964b5c10"
x-amz-request-id
76BHBRVATGTDEJ56
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
16260
x-amz-id-2
UvvEArG4lNdZ2ZK8VjCOwxpNpzLcA0CTOewU1hH/ThlYpzjX/tp8PMFnS/YtMR4MYTCN4Rk+AOY=
x-served-by
cache-hhn4046-HHN
last-modified
Mon, 27 Sep 2021 20:46:51 GMT
server
AmazonS3
x-timer
S1643936862.938679,VS0,VE0
date
Fri, 04 Feb 2022 01:07:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
9
NRJS-3f04a28582c60344757
bam.nr-data.net/1/ 		57 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-3f04a28582c60344757?a=1120001969&sa=1&v=1211.ba193a8&t=Unnamed%20Transaction&rst=1434&ck=1&ref=https://www.investigationdiscovery.com/&be=910&fe=1387&dc=1170&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1643936860517,%22n%22:0,%22f%22:282,%22dn%22:282,%22dne%22:317,%22c%22:317,%22s%22:352,%22ce%22:379,%22rq%22:379,%22rp%22:885,%22rpe%22:886,%22dl%22:888,%22di%22:1169,%22ds%22:1170,%22de%22:1170,%22dc%22:1386,%22l%22:1387,%22le%22:1387%7D,%22navigation%22:%7B%7D%7D&fp=917&ja=%7B%22network%22:%22ids%22%7D&jsonp=NREUM.setToken
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
service.newrelic.co.uk
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
me
us1-prod-direct.investigationdiscovery.com/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:42 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
me
us1-prod-direct.investigationdiscovery.com/users/ 		134 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
9210ebe9d8a8b526b1e37593e502099483ab8075384b6df9acf2c3f59a3a1921
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:42 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
rIZwE3jeCC
NRJS-3f04a28582c60344757
bam.nr-data.net/events/1/ 		24 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-3f04a28582c60344757?a=1120001969&sa=1&v=1211.ba193a8&t=Unnamed%20Transaction&rst=2276&ck=1&ref=https://www.investigationdiscovery.com/
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
service.newrelic.co.uk
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.investigationdiscovery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.investigationdiscovery.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif
token
us1-prod-direct.investigationdiscovery.com/ 		436 B
963 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/token?deviceId=94144bfd-5d22-4bf7-b231-70bfb513825b&realm=go&shortlived=true
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
66c7a670473ac30e66ae88d05ad26073377c0fd75640948051e7bae2f93e035f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-device-info
ids/1.11.1 (desktop/desktop; Windows/NT 10.0; 94144bfd-5d22-4bf7-b231-70bfb513825b)
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-encoding
gzip
etag
W/"555435004"
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
8LfqRQoRwk
token
us1-prod-direct.investigationdiscovery.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/token?deviceId=94144bfd-5d22-4bf7-b231-70bfb513825b&realm=go&shortlived=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-device-info,x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:42 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
me
us1-prod-direct.investigationdiscovery.com/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
me
us1-prod-direct.investigationdiscovery.com/users/ 		826 B
838 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
ba2d742ffcbf22b01c242294063cfaa2ba784a824cae3176964177298c9fbe4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-encoding
gzip
etag
W/"126441611"
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
TFAOA50xFF
partners
us1-prod-direct.investigationdiscovery.com/users/me/ 		197 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me/partners
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
49de96c1503914c09ac07ef36df391abb68301abbd5c802c563c4d631e9b0fcc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-encoding
gzip
etag
W/"1437699305"
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
swtKslpJMC
partners
us1-prod-direct.investigationdiscovery.com/users/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me/partners
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
id
dpm.demdex.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BC501253513148ED0A490D45%40AdobeOrg&d_nsid=0&ts=1643936863335
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.85.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fc98564db92c265f07595c80f46a8c9a941aa23518cf17f707aeb049542690bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.investigationdiscovery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v027-04eb20598.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
/bP7/tVrQUA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.investigationdiscovery.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1025
Expires
Thu, 01 Jan 1970 00:00:00 UTC
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=31602802&ax_uuid=1643936863339203e060d8d714a4a54902145e0d37d31&ns__t=Fri%20Feb%2004%202022%2001:07:43%20GMT+0000%20(GMT)&ns_c=UTF-8&cv=3.1&c8=&c7=https%3A...
  • https://sb.scorecardresearch.com/p2?c1=9&c2=31602802&ax_uuid=1643936863339203e060d8d714a4a54902145e0d37d31&ns__t=Fri%20Feb%2004%202022%2001%3A07%3A43%20GMT%200000%20(GMT)&ns_c=UTF-8&cv=3.1&c8=&c7=h...
64 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/p2?c1=9&c2=31602802&ax_uuid=1643936863339203e060d8d714a4a54902145e0d37d31&ns__t=Fri%20Feb%2004%202022%2001%3A07%3A43%20GMT%200000%20(GMT)&ns_c=UTF-8&cv=3.1&c8=&c7=https%3A%2F%2Fwww.investigationdiscovery.com%2F&c9=
Protocol
H2
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
2PiC3XAb2X6sn3qNTZluZNxkwj28Kx5QCv9_YlIExJjC1_Q__s3rKQ==

Redirect headers

date
Fri, 04 Feb 2022 01:07:43 GMT
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=9&c2=31602802&ax_uuid=1643936863339203e060d8d714a4a54902145e0d37d31&ns__t=Fri%20Feb%2004%202022%2001%3A07%3A43%20GMT%200000%20(GMT)&ns_c=UTF-8&cv=3.1&c8=&c7=https%3A%2F%2Fwww.investigationdiscovery.com%2F&c9=
content-length
269
x-amz-cf-id
ikFeNLJgglnGsrC5c3q7wyI_-ubNV3N8NWlaOQbnnsODo3QaT3I6Tw==
paws-desktop-mobile
us1-prod-direct.investigationdiscovery.com/cms/configs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/configs/paws-desktop-mobile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
paws-desktop-mobile
us1-prod-direct.investigationdiscovery.com/cms/configs/ 		133 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/configs/paws-desktop-mobile
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
80a46395d76317b925fa9a1e8554214fb1b8198a39cb5436516ebaae8c53a8ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
tbFZMYIp8P
dest5.html
scripps.demdex.net/ Frame CAB8 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scripps.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.215.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-215-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 4 Feb 2022 01:07:43 GMT
DCS
dcs-prod-irl1-2-v027-0eab81db2.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 19 Jan 2022 14:02:08 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
TuShOQwDRNQ=
transfer-encoding
chunked
Connection
keep-alive
ibs:dpid=411&dpuuid=Yfx8XwAAAMcYbAQf
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=15467453846319450090291898350234313150
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yfx8XwAAAMcYbAQf
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yfx8XwAAAMcYbAQf
Protocol
HTTP/1.1
Server
52.209.85.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v027-04d2b909f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mFNBl8AlT6g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yfx8XwAAAMcYbAQf
Date
Fri, 04 Feb 2022 01:07:43 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
web-menubar
us1-prod-direct.investigationdiscovery.com/cms/collections/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-menubar?include=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
web-footer
us1-prod-direct.investigationdiscovery.com/cms/collections/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-footer?include=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
home
us1-prod-direct.investigationdiscovery.com/cms/routes/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/routes/home?include=default&decorators=viewingHistory,isFavorite,playbackAllowed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-disco-client,x-disco-params
Origin
https://www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-length
0
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language
access-control-max-age
31536000
vary
Accept-Encoding,Origin
strict-transport-security
max-age=15724800; includeSubDomains;
web-menubar
us1-prod-direct.investigationdiscovery.com/cms/collections/ 		133 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-menubar?include=default
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
04515d4d40e53f6c1f6819cdad15207b5a27eeebf65c7f707084554daf29bb92
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
xQN3SsUgoR
web-footer
us1-prod-direct.investigationdiscovery.com/cms/collections/ 		133 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-footer?include=default
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
9492858cf25ad892e4d7adc0fc0d302d443a0404fba289291d87b974062d8b7e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:43 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
oUiqHZ0q2t
home
us1-prod-direct.investigationdiscovery.com/cms/routes/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/routes/home?include=default&decorators=viewingHistory,isFavorite,playbackAllowed
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.60.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-105.compute-1.amazonaws.com
Software
/
Resource Hash
f6b62ed20dacd84d82f9bafa2eeb1783126c9daff7194e34fa3dbbe279c8b500
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:1.11.1
Accept-Language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,features=ar

Response headers

date
Fri, 04 Feb 2022 01:07:44 GMT
content-encoding
gzip
etag
W/"3141134233"
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
x-disco-id
wSwGcFnChU
ibs:dpid=477&dpuuid=7d6d3dc50aa3a109b8d2f19b1f1fc09dffac84753fbf6c220d5b9497e8364516b0da87c991749652
dpm.demdex.net/ Frame CAB8
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=15467453846319450090291898350234313150
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTU0Njc0NTM4NDYzMTk0NTAwOTAyOTE4OTgzNTAyMzQzMTMxNTAQABoNCOD48Y8GEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=7d6d3dc50aa3a109b8d2f19b1f1fc09dffac84753fbf6c220d5b9497e8364516b0da87c991749652
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=7d6d3dc50aa3a109b8d2f19b1f1fc09dffac84753fbf6c220d5b9497e8364516b0da87c991749652
Protocol
HTTP/1.1
Server
52.209.85.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v027-0dba01a99.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KT0qYH3fRNY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=7d6d3dc50aa3a109b8d2f19b1f1fc09dffac84753fbf6c220d5b9497e8364516b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
ibs:dpid=771&dpuuid=CAESEHUG2BIna5QIcrJOhpKV6cg&google_cver=1
dpm.demdex.net/ Frame CAB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTU0Njc0NTM4NDYzMTk0NTAwOTAyOTE4OTgzNTAyMzQzMTMxNTA=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTU0Njc0NTM4NDYzMTk0NTAwOTAyOTE4OTgzNTAyMzQzMTMxNTA=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHUG2BIna5QIcrJOhpKV6cg&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHUG2BIna5QIcrJOhpKV6cg&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.209.85.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v027-096e6021a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rHe+Em2hSOg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 04 Feb 2022 01:07:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHUG2BIna5QIcrJOhpKV6cg&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=782&dpuuid=Yfx8XwAAAMcYbAQf
dpm.demdex.net/ Frame CAB8
Redirect Chain
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=Yfx8XwAAAMcYbAQf
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Yfx8XwAAAMcYbAQf
Protocol
HTTP/1.1
Server
52.209.85.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v027-0fee7815f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nNpkr/mlSuA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1643936864.149482,VS0,VE93
x-served-by
cache-hhn4051-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://dpm.demdex.net/ibs:dpid=782&dpuuid=Yfx8XwAAAMcYbAQf
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.investigationdiscovery.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:14:34 GMT
x-content-type-options
nosniff
age
175990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 00:14:34 GMT
bf86562a-524b-4cce-b72b-b4be1d0707c3.png
us1-prod-images.disco-api.com/2020/10/13/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us1-prod-images.disco-api.com/2020/10/13/bf86562a-524b-4cce-b72b-b4be1d0707c3.png?bf=0&f=jpg&p=true&q=85&w=2000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-85.txl50.r.cloudfront.net
Software
/
Resource Hash
560a38944df2e2e9a74adf66eae9ad9cd62eaab23932af33e8e43f6b43303929
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:33:19 GMT
via
1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
age
1442065
etag
0eebd90ad592f2d1bba5b4dc3e8d5bc6
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
x-disco-id
JRZuaVTCk1
cache-control
public, max-age=31536000
x-amz-cf-pop
TXL50-P2
strict-transport-security
max-age=15724800; includeSubDomains;
content-length
275296
x-amz-cf-id
5GAVCOpZtx2SiVgJRZVR4Re5sNP9ySSiiZz79JSnUc8SWR0dPm7NEQ==
/
o95853.ingest.sentry.io/api/5808589/envelope/ 		2 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o95853.ingest.sentry.io/api/5808589/envelope/?sentry_key=3e34e68862ff4522b46b4b80af0a8f44&sentry_version=7
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/vendors~main-55898287df856e78d6f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.investigationdiscovery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
/
o95853.ingest.sentry.io/api/5808589/store/ 		41 B
145 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o95853.ingest.sentry.io/api/5808589/store/?sentry_key=3e34e68862ff4522b46b4b80af0a8f44&sentry_version=7
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/vendors~main-55898287df856e78d6f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
520e75eaed26abb24f90a19638e4f88b052f27901e2f5122ffe6d34873d2c80e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.investigationdiscovery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
41
/
d.agkn.com/pixel/10697/ 		43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10697/?che=2022-02-04T01%3A07%3A44.101Z&auid=36473af7-61d6-4e22-923e-1aa334ccc4f8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.111.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-111-84.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 01:07:43 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
tr
www.facebook.com/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=441088090918592&ev=PageView&cd[order_id]=36473af7-61d6-4e22-923e-1aa334ccc4f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:07:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 04 Feb 2022 01:07:44 GMT
adsct
analytics.twitter.com/i/ Frame CAB8 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=15467453846319450090291898350234313150&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
101
date
Fri, 04 Feb 2022 01:07:44 UTC
cache-control
no-cache, no-store, max-age=0
server
tsa_o
x-connection-hash
d09930e5d3d01c00e47854dd0ddca0a026a0c7cfff0974b0023db52d79ce1ba4
content-length
0
strict-transport-security
max-age=631138519
ibs:dpid=73426&dpuuid=15467453846319450090291898350234313150
dpm.demdex.net/ Frame CAB8
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=15467453846319450090291898350234313150&rn=1643936863473&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D154674538463194...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=15467453846319450090291898350234313150&rn=1643936863473&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D15467453846319...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=15467453846319450090291898350234313150
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=15467453846319450090291898350234313150
Protocol
HTTP/1.1
Server
52.209.85.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-85-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v027-04f3a669a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
37Eu3O3uSXo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=15467453846319450090291898350234313150
content-length
105
x-amz-cf-id
5u4SDVUvOb44qhSVaiFmm-XTrPCTiYMD98iVBGTM5inEAG-qQJ-Q3g==
usermatch.gif
beacon.krxd.net/ Frame CAB8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=15467453846319450090291898350234313150
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=15467453846319450090291898350234313150
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=15467453846319450090291898350234313150
Protocol
H2
Server
54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 01:07:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1643936864
x-served-by
beacon-n022-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=15467453846319450090291898350234313150
date
Fri, 04 Feb 2022 01:07:44 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a012-ash-prod.krxd.net
u
dmp.v.fwmrm.net/ad/ Frame CAB8 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:d00c:d52c:5371:efa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 01:07:44 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame CAB8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWZ4OFh3QUFBTWNZYkFRZg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWZ4OFh3QUFBTWNZYkFRZg==
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 01:07:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643936865.538365,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWZ4OFh3QUFBTWNZYkFRZg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame CAB8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yfx8XwAAAMcYbAQf
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yfx8XwAAAMcYbAQf
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643936865.640440,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yfx8XwAAAMcYbAQf
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame CAB8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yfx8XwAAAMcYbAQf&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yfx8XwAAAMcYbAQf&img=1&__user_check__=1&sync_id=dc1fcead-8556-11ec-8304-1dbc55590506
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yfx8XwAAAMcYbAQf&img=1&__user_check__=1&sync_id=dc1fcead-8556-11ec-8304-1dbc55590506
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 04 Feb 2022 01:07:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 04 Feb 2022 01:07:44 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=Yfx8XwAAAMcYbAQf&img=1&__user_check__=1&sync_id=dc1fcead-8556-11ec-8304-1dbc55590506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
97
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame CAB8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yfx8XwAAAMcYbAQf&t=2592000&o=0
43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yfx8XwAAAMcYbAQf&t=2592000&o=0
Protocol
H3
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 17:07:44 PST
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
z21Hq9d9HXMO2d/3GlVCUwHsqsG11vMBJCMioaiWq7e2hY3e6mpiZmgX7mXAI0RYrqbRaO77zNN5greNtoXSEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Thu, 03 Feb 2022 17:07:44 PST

Redirect headers

pragma
no-cache
date
Fri, 04 Feb 2022 01:07:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643936865.834738,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yfx8XwAAAMcYbAQf&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| NREUM object| newrelic function| __nr_require object| google_tag_manager object| webpackJsonp object| __meta object| __SENTRY__ function| sprintf function| vsprintf function| __ object| gsapVersions object| webpackJsonpSonicPlayer object| adobe function| Visitor object| s_c_il number| s_c_in

22 Cookies

Domain/Path Name / Value
.nr-data.net/ Name: JSESSIONID
Value: 5a9557f01b1b508f
us1-prod-direct.investigationdiscovery.com/ Name: st
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJVU0VSSUQ6Z286OTYwMWJkMDktNzkxZC00MzM5LTg1ZGQtYjVhM2EyNGE3NzI1IiwianRpIjoidG9rZW4tNDA0MmEyMzYtNzhhOS00MzE2LWFhNTAtNDA2NDdiM2E4NWFiIiwiYW5vbnltb3VzIjp0cnVlLCJpYXQiOjE2NDM5MzY4NjN9.Cz4P7Fwpr1qq7Mu2-fIAL7YYKgAhapceOcqfrxfybro
.investigationdiscovery.com/ Name: gi_ls
Value: 0
www.investigationdiscovery.com/ Name: cSId
Value: 1643936863339203e060d8d714a4a54902145e0d37d31
.demdex.net/ Name: demdex
Value: 15467453846319450090291898350234313150
.investigationdiscovery.com/ Name: AMCVS_BC501253513148ED0A490D45%40AdobeOrg
Value: 1
.investigationdiscovery.com/ Name: ass
Value: 36473af7-61d6-4e22-923e-1aa334ccc4f8.1643938664.1643936863
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yfx8XwAAAMcYbAQf
.dpm.demdex.net/ Name: dpm
Value: 15467453846319450090291898350234313150
.investigationdiscovery.com/ Name: AMCV_BC501253513148ED0A490D45%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19028%7CMCMID%7C15303242251514479510308181555461281024%7CMCAAMLH-1644541663%7C6%7CMCAAMB-1644541663%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1643944063s%7CNONE%7CMCSYNCSOP%7C411-19035%7CvVersion%7C5.2.0
.rlcdn.com/ Name: rlas3
Value: RVfJpl1GBEWd0Z8RNV+edHcXE58d/hZvjGQTv0lF2HI=
.rlcdn.com/ Name: pxrc
Value: COD48Y8GEgUI6AcQABIGCPHrARAA
.doubleclick.net/ Name: IDE
Value: AHWqTUk1rkZlo-q4D_uk4ENkn-AjgZaZO58wEUgXAt3Hc4wYwjZV45d3Bnvwu2NbI_4
.facebook.com/ Name: fr
Value: 0CH7UALLEIttlS746..Bh_Hxg...1.0.Bh_Hxg.
.agkn.com/ Name: ab
Value: 0001%3AJQZ4nEi0YPcjtkVGeDdu2dvxxgp6T%2B6s
.agkn.com/ Name: u
Value: C|0CAApjzjgKY844AAAAAAAAT9rAAAAAA
.twitter.com/ Name: personalization_id
Value: "v1_W2noiTz0upJK7t5QsT3d8Q=="
.scorecardresearch.com/ Name: UID
Value: 1D3a8aea145383bf3f0d36c1643936864
.krxd.net/ Name: _kuid_
Value: OpDSzvI1
.demdex.net/ Name: dextp
Value: 60-1-1643936863820|771-1-1643936863921|782-1-1643936864022|1123-1-1643936864123|73426-1-1643936864224|66757-1-1643936864325|796-1-1643936864426|144230-1-1643936864527|144234-1-1643936864628|144236-1-1643936864729|144237-1-1643936864830
.spotxchange.com/ Name: audience
Value: dc1fce3c-8556-11ec-8304-1dbc55590506
.fwmrm.net/ Name: _uid
Value: "e344c_7060655067569705353"

5 Console Messages

Source Level URL
Text
network error URL: https://us1-prod-direct.investigationdiscovery.com/users/me
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/cms/configs/paws-desktop-mobile
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-menubar?include=default
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-footer?include=default
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://analytics.twitter.com/i/adsct?p_user_id=15467453846319450090291898350234313150&p_id=38594
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actr.crimefeed.com
ads.scorecardresearch.com
analytics.twitter.com
bam.nr-data.net
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
d.agkn.com
dmp.v.fwmrm.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
js-agent.newrelic.com
o95853.ingest.sentry.io
p.typekit.net
prod-realmservice.mercury.dnitv.com
rtd-tm.everesttech.net
rtd.tubemogul.com
sb.scorecardresearch.com
scripps.demdex.net
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
us1-prod-direct.investigationdiscovery.com
us1-prod-images.disco-api.com
use.typekit.net
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
www.investigationdiscovery.com
104.244.42.67
108.157.4.80
142.250.186.130
151.101.194.49
151.101.66.137
162.247.242.31
18.64.79.16
18.64.79.85
185.94.180.126
2600:1f18:6593:f600:d00c:d52c:5371:efa
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a02:26f0:f7::5c7b:e024
2a02:26f0:fb:580::19fd
2a03:2880:f12d:181:face:b00c:0:25de
3.122.111.84
3.218.23.240
34.120.195.249
34.98.64.218
35.244.174.68
44.196.109.196
52.209.85.214
52.222.236.7
52.50.54.3
52.54.60.105
54.220.215.179
54.76.155.32
99.86.3.116
00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2
04515d4d40e53f6c1f6819cdad15207b5a27eeebf65c7f707084554daf29bb92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
441194771bd04c3cd47908b57352ad2746d4a7d29e714fa4733fb4a0dd68191e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49de96c1503914c09ac07ef36df391abb68301abbd5c802c563c4d631e9b0fcc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
520e75eaed26abb24f90a19638e4f88b052f27901e2f5122ffe6d34873d2c80e
539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560a38944df2e2e9a74adf66eae9ad9cd62eaab23932af33e8e43f6b43303929
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6121111febfcd8413891d8254f64769b3fed960fe5ac93f8cec9716cb47086e7
66c7a670473ac30e66ae88d05ad26073377c0fd75640948051e7bae2f93e035f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eb69baabd932a64acda6c41ce08a618e04f90d34146015b90a6cb7393963df2
80a46395d76317b925fa9a1e8554214fb1b8198a39cb5436516ebaae8c53a8ea
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9210ebe9d8a8b526b1e37593e502099483ab8075384b6df9acf2c3f59a3a1921
9492858cf25ad892e4d7adc0fc0d302d443a0404fba289291d87b974062d8b7e
ab1aec95ece8baf99430c7539618c1dc481a67f051a9ad12e18f85df5cbab3a3
ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4
b601257ceb37d1ea14193b3ef842de9cdb3cb1894bbf266c6503c279bcb42ce0
ba2d742ffcbf22b01c242294063cfaa2ba784a824cae3176964177298c9fbe4d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
da17af1c35a81a9727f5ceddecc2df74f0e782f0bae10c4d4a5206d56a581f9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57e0f56d5aa15ac4668611a8a792656dde1f288068e01fbabb6b57fb2fb2607
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6b62ed20dacd84d82f9bafa2eeb1783126c9daff7194e34fa3dbbe279c8b500
f6d8771b7ec72296922b7ba198de52f4fab7a9d32303fbbda3b53defba340f1a
fc98564db92c265f07595c80f46a8c9a941aa23518cf17f707aeb049542690bd