urlscan.io logo urlscan.io
SecurityTrails logo

thetruedefender.com Open in urlscan Pro
2606:4700:20::681a:942  Public Scan

Go To Rescan Add Verdict Report
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and...
Submission: On January 04 via manual from DK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 11 countries across 98 domains to perform 418 HTTP transactions. The main IP is 2606:4700:20::681a:942, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 5th 2021. Valid for: a year.
This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 2606:4700:20:... 13335 (CLOUDFLAR...)
15 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
14 192.0.77.37 2635 (AUTOMATTIC)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2600:9000:231... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
16 104.19.133.78 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
1 143.204.98.115 16509 (AMAZON-02)
4 192.0.76.3 2635 (AUTOMATTIC)
1 2600:9000:224... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 34.120.247.19 15169 (GOOGLE)
9 3.216.170.81 14618 (AMAZON-AES)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 54.172.19.43 14618 (AMAZON-AES)
3 3.89.94.83 14618 (AMAZON-AES)
1 2600:9000:231... 16509 (AMAZON-02)
5 2.18.233.180 16625 (AKAMAI-AS)
2 151.101.65.194 54113 (FASTLY)
1 65.9.58.37 16509 (AMAZON-02)
3 104.154.142.214 15169 (GOOGLE)
1 18.66.112.48 16509 (AMAZON-02)
1 108.157.4.71 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 192.0.78.23 2635 (AUTOMATTIC)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
3 162.210.196.208 30633 (LEASEWEB-...)
2 34.149.20.76 15169 (GOOGLE)
1 3.120.57.46 16509 (AMAZON-02)
1 3 5.178.65.245 50673 (SERVERIUS-AS)
3 213.19.147.42 3356 (LEVEL3)
2 6 185.33.220.145 29990 (ASN-APPNEX)
1 178.162.133.150 60781 (LEASEWEB-...)
1 2 147.75.38.124 54825 (PACKET)
5 51.89.9.252 16276 (OVH)
4 14 72.251.249.9 29791 (VOXEL-DOT...)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 2a00:1450:400... 15169 (GOOGLE)
1 20.40.202.0 8075 (MICROSOFT...)
22 104.19.135.78 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
8 2600:9000:211... 16509 (AMAZON-02)
4 142.250.186.34 15169 (GOOGLE)
2 2 35.157.4.27 16509 (AMAZON-02)
9 37.157.2.237 198622 (ADFORM)
8 8 18.198.122.33 16509 (AMAZON-02)
4 4 37.157.2.235 198622 (ADFORM)
3 72.251.249.14 29791 (VOXEL-DOT...)
9 2.18.235.40 16625 (AKAMAI-AS)
2 104.111.233.227 16625 (AKAMAI-AS)
2 18.159.117.129 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.175.96.225 14618 (AMAZON-AES)
1 2a03:90c0:41:... 199524 (GCORE)
1 151.101.2.132 54113 (FASTLY)
6 37.157.6.235 198622 (ADFORM)
5 18.235.17.58 14618 (AMAZON-AES)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 52.73.58.202 14618 (AMAZON-AES)
2 34.246.74.180 16509 (AMAZON-02)
19 2.16.186.146 20940 (AKAMAI-ASN1)
1 75.101.235.47 14618 (AMAZON-AES)
2 16 2.18.234.21 16625 (AKAMAI-AS)
3 3 2.19.35.65 16625 (AKAMAI-AS)
6 104.109.78.125 16625 (AKAMAI-AS)
4 8 185.86.137.114 201081 (SMARTADSE...)
2 141.95.3.40 16276 (OVH)
2 3 52.208.103.128 16509 (AMAZON-02)
1 3 15.197.193.217 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
3 3.123.92.70 16509 (AMAZON-02)
1 185.94.180.124 35220 (SPOTX-AMS)
4 69.173.144.138 26667 (RUBICONPR...)
1 2 52.46.130.91 16509 (AMAZON-02)
6 6 142.250.185.130 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
1 2 169.50.137.182 36351 (SOFTLAYER)
2 51.178.20.139 16276 (OVH)
1 18.208.104.24 14618 (AMAZON-AES)
2 69.173.151.100 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.71 16509 (AMAZON-02)
1 13.32.99.35 16509 (AMAZON-02)
2 67.202.105.23 32748 (STEADFAST)
1 151.101.193.108 54113 (FASTLY)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
1 178.162.133.149 60781 (LEASEWEB-...)
2 2 18.159.168.223 16509 (AMAZON-02)
1 150.136.26.45 31898 (ORACLE-BM...)
1 1 8.2.111.142 46636 (NATCOWEB)
4 46.249.52.248 50673 (SERVERIUS-AS)
1 185.33.221.15 29990 (ASN-APPNEX)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 185.29.134.248 30419 (MEDIAMATH...)
4 4 151.101.66.49 54113 (FASTLY)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 4 35.227.248.159 15169 (GOOGLE)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.213.98.175 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.104 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.170.15.31 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 52.49.38.161 16509 (AMAZON-02)
1 3 168.119.149.178 24940 (HETZNER-AS)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 35.174.233.127 14618 (AMAZON-AES)
1 2 54.239.37.45 16509 (AMAZON-02)
1 1 104.89.42.102 16625 (AKAMAI-AS)
2 2 52.48.101.48 16509 (AMAZON-02)
1 1 66.155.71.150 13768 (COGECO-PEER1)
3 5.178.65.252 50673 (SERVERIUS-AS)
1 35.227.252.103 15169 (GOOGLE)
1 3.212.173.197 14618 (AMAZON-AES)
2 2 52.210.199.144 16509 (AMAZON-02)
1 18.156.0.31 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 34.200.60.187 14618 (AMAZON-AES)
1 2 54.208.142.27 14618 (AMAZON-AES)
1 143.204.98.111 16509 (AMAZON-02)
1 212.129.3.113 12876 (Online SAS)
1 34.224.231.98 ()
418 120
34    2606:4700:20::681a:942 (United States)

ASN13335 (CLOUDFLARENET, US)
thetruedefender.com
15    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i2.wp.com
i1.wp.com
i0.wp.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
4    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:10::6816:39ae (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
4    2600:9000:2315:9000:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
auth.instiengage.com
1    2600:9000:2156:8e00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2600:9000:2156:ec00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
5    2606:4700::6810:50a5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
16    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
c.mgid.com
servicer.mgid.com
cm.mgid.com
2    2600:9000:2156:9600:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
1    143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net
clientcdn.pushengage.com
4    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2600:9000:224a:e00:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    2600:9000:2156:1a00:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
2    34.120.247.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.247.120.34.bc.googleusercontent.com
telemetries.jeeng.com
9    3.216.170.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-170-81.compute-1.amazonaws.com
geoip.instiengage.com
eua.instiengage.com
event.instiengage.com
cms.instiengage.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    54.172.19.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-19-43.compute-1.amazonaws.com
geoip.insticator.com
3    3.89.94.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-94-83.compute-1.amazonaws.com
b2c.insticator.com
event.insticator.com
1    2600:9000:2315:4200:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    65.9.58.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-37.fra56.r.cloudfront.net
get.s-onetag.com
3    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    108.157.4.71 (United States)

ASN16509 (AMAZON-02, US)
signal-beacon.s-onetag.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    192.0.78.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
8    2606:4700:10::6816:b7 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
3    162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
3    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
3    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
tag.targeting.unrulymedia.com
6    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
14    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
vap3ams1.lijit.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
22    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
8    2600:9000:211e:e200:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    35.157.4.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-4-27.eu-central-1.compute.amazonaws.com
aws-fr.bidswitch.net
9    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
dmp.adform.net
8    18.198.122.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-122-33.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
x.bidswitch.net
4    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
9    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
iponweb503341958152.s.moatpixel.com
2    104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
2    18.159.117.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.175.96.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-96-225.compute-1.amazonaws.com
b2c.instiengage.com
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
1    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
6    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
5    18.235.17.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-17-58.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:ef::5f65:4d5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
5    52.73.58.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-58-202.compute-1.amazonaws.com
atrack.avplayer.com
track1.aniview.com
2    34.246.74.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
geo.moatads.com
mb.moatads.com
19    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
mcd.ex.co
1    75.101.235.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-235-47.compute-1.amazonaws.com
premiumsrv.aniview.com
16    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
3    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
2    141.95.3.40 (France)

ASN16276 (OVH, FR)
PTR: p30.id5-sync.com
id5-sync.com
3    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    3.123.92.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-92-70.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
1    18.208.104.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-104-24.compute-1.amazonaws.com
sync.aniview.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net
ats.rlcdn.com
1    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
2    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
22    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    18.159.168.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-168-223.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.2.111.142 (United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
4    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
1    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2a05:d018:d29:3602:74fc:7750:9e36:ae36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:c4d3:9642:4a9c:6d1c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.213.98.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-98-175.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.104 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.170.15.31 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-15-31.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.49.38.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-38-161.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    35.174.233.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-233-127.compute-1.amazonaws.com
usermatch.krxd.net
2    54.239.37.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.89.42.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    52.48.101.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-101-48.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
3    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    3.212.173.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-173-197.compute-1.amazonaws.com
a.audrte.com
2    52.210.199.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-199-144.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    34.200.60.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-60-187.compute-1.amazonaws.com
sync.extend.tv
2    54.208.142.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-142-27.compute-1.amazonaws.com
um2.eqads.com
1    143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net
tags.crwdcntrl.net
1    212.129.3.113 (Gennevilliers, France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-113.rev.poneytelecom.eu
js.cookieless-data.com
1    34.224.231.98 (None, )

ASN- ()
track1.aniview.com
Apex Domain
Subdomains		 Transfer
39 mgid.com
jsc.mgid.com
cdn.mgid.com
c.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
video-native.mgid.com
732 KB
34 thetruedefender.com
thetruedefender.com
457 KB
33 wp.com
i2.wp.com
c0.wp.com
stats.wp.com
i1.wp.com
pixel.wp.com
i0.wp.com
2 MB
25 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
1 MB
22 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
6 KB
22 instiengage.com
product.instiengage.com
geoip.instiengage.com
auth.instiengage.com
eua.instiengage.com
event.instiengage.com
static.instiengage.com
b2c.instiengage.com
cms.instiengage.com
4 MB
19 adform.net
track.adform.net
c1.adform.net
s1.adform.net
dmp.adform.net
195 KB
19 lijit.com
ap.lijit.com
ce.lijit.com
vap3ams1.lijit.com
pxdrop.lijit.com
34 KB
18 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
prebid-server.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-eu.rubiconproject.com
36 KB
16 casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
21 KB
14 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
196 KB
11 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
86 KB
10 bidswitch.net
aws-fr.bidswitch.net
aws-fr-sync.bidswitch.net
x.bidswitch.net
6 KB
10 e-planning.net
ads.us.e-planning.net
sync.e-planning.net
u-ams02.e-planning.net
s.e-planning.net
18 KB
8 smartadserver.com
www9.smartadserver.com
5 KB
8 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
206 KB
8 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
21 KB
8 ingage.tech
ex.ingage.tech
1 KB
6 moatads.com
z.moatads.com
geo.moatads.com
px.moatads.com
mb.moatads.com
108 KB
5 moatpixel.com
iponweb503341958152.s.moatpixel.com
1 KB
5 onetag-sys.com
onetag-sys.com
3 KB
5 lightboxcdn.com
www.lightboxcdn.com
146 KB
4 tapad.com
pixel.tapad.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
3 KB
4 crwdcntrl.net
id.crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
39 KB
4 gstatic.com
fonts.gstatic.com
158 KB
4 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
320 KB
4 33across.com
ssc.33across.com
ssc-cms.33across.com
456 B
4 criteo.com
gum.criteo.com
mug.criteo.com
1 KB
4 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
3 KB
4 jeeng.com
users.api.jeeng.com
telemetries.jeeng.com
121 KB
4 google-analytics.com
www.google-analytics.com
21 KB
3 richaudience.com
sync.richaudience.com
741 B
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
942 B
3 owneriq.net
px.owneriq.net
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
3 aralego.com
hb.aralego.com
sync.aralego.com
922 B
3 lockerdome.com
lockerdome.com
5 KB
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
17 KB
3 lockerdomecdn.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
21 KB
2 eqads.com
um2.eqads.com
563 B
2 bidr.io
match.prod.bidr.io
1 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
428 B
2 weborama.fr
idsync.frontend.weborama.fr
673 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
791 B
2 mathtag.com
sync.mathtag.com
pixel.mathtag.com
1 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 dyntrk.com
gu.dyntrk.com
430 B
2 simpli.fi
um.simpli.fi
846 B
2 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com
ats.rlcdn.com
37 KB
2 id5-sync.com
id5-sync.com
1 KB
2 google.com
www.google.com
adservice.google.com
1 KB
2 clarium.io
protected-by.clarium.io
690 B
2 fontawesome.com
use.fontawesome.com
85 KB
2 a-mo.net
prebid.a-mo.net
605 B
2 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
1 KB
2 1rx.io
tag.1rx.io
350 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net
137 KB
2 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
108 KB
2 optad360.io
cmp.optad360.io
get.optad360.io
723 B
1 cookieless-data.com
js.cookieless-data.com
535 B
1 extend.tv
sync.extend.tv
546 B
1 quantserve.com
pixel.quantserve.com
510 B
1 dotomi.com
casale-match.dotomi.com
187 B
1 audrte.com
a.audrte.com
2 KB
1 openx.net
rtb.openx.net
351 B
1 sitescout.com
pixel.sitescout.com
288 B
1 bluekai.com
tags.bluekai.com
346 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
383 B
1 theadex.com
dmp.theadex.com
335 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 taboola.com
trc.taboola.com
163 B
1 turn.com
ad.turn.com
425 B
1 admanmedia.com
cs.admanmedia.com
528 B
1 technoratimedia.com
sync.technoratimedia.com
297 B
1 aralego.net
cdn.aralego.net
1 KB
1 brealtime.com
biddr.brealtime.com
1 KB
1 privacymanager.io
geo.privacymanager.io
594 B
1 googlesyndication.com
pagead2.googlesyndication.com
13 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 spotxchange.com
search.spotxchange.com
1 KB
1 unrulymedia.com
tag.targeting.unrulymedia.com
383 B
1 google.de
www.google.de
501 B
1 azurewebsites.net
lightboxapi.azurewebsites.net
787 B
1 emxdgt.com
hb.emxdgt.com
161 B
1 wordpress.com
public-api.wordpress.com
2 KB
1 gravatar.com
secure.gravatar.com
39 KB
1 pushengage.com
clientcdn.pushengage.com
19 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
0 adotmob.com Failed
sync.adotmob.com Failed
418 98
Domain Requested by
34 thetruedefender.com thetruedefender.com
c0.wp.com
22 s-img.mgid.com thetruedefender.com
19 mcd.ex.co player.avplayer.com
16 mwzeom.zeotap.com spl.zeotap.com
sync.e-planning.net
14 c0.wp.com thetruedefender.com
10 ap.lijit.com 4 redirects df80k0z3fi8zg.cloudfront.net
thetruedefender.com
9 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
um2.eqads.com
8 www9.smartadserver.com 4 redirects
8 track.adform.net thetruedefender.com
s1.adform.net
8 static.instiengage.com thetruedefender.com
8 ex.ingage.tech df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
sync.e-planning.net
6 spl.zeotap.com df80k0z3fi8zg.cloudfront.net
spl.zeotap.com
sync.e-planning.net
6 cm.g.doubleclick.net 6 redirects
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
6 s1.adform.net thetruedefender.com
s1.adform.net
6 ib.adnxs.com 2 redirects df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
spl.zeotap.com
6 i0.wp.com thetruedefender.com
6 jsc.mgid.com thetruedefender.com
jsc.mgid.com
5 iponweb503341958152.s.moatpixel.com
5 prd-collector-anon.ex.co player.ex.co
5 onetag-sys.com df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
5 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
player.aniview.com
df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
5 www.lightboxcdn.com thetruedefender.com
www.lightboxcdn.com
5 i2.wp.com thetruedefender.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 sync-tm.everesttech.net 4 redirects
4 u-ams02.e-planning.net sync.e-planning.net
ssum.casalemedia.com
4 track1.aniview.com thetruedefender.com
player.aniview.com
4 fonts.gstatic.com fonts.googleapis.com
4 vap3ams1.lijit.com thetruedefender.com
4 x.bidswitch.net 4 redirects
4 c1.adform.net 4 redirects
4 aws-fr-sync.bidswitch.net 4 redirects
4 event.instiengage.com product.instiengage.com
4 stats.g.doubleclick.net lockerdome.com
www.google-analytics.com
4 hbopenbid.pubmatic.com df80k0z3fi8zg.cloudfront.net
player.aniview.com
4 i1.wp.com thetruedefender.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 s.e-planning.net sync.e-planning.net
3 sync.richaudience.com 1 redirects spl.zeotap.com
sync.e-planning.net
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com ssum.casalemedia.com
df80k0z3fi8zg.cloudfront.net
3 token.rubiconproject.com eus.rubiconproject.com
3 prebid-server.rubiconproject.com player.aniview.com
3 match.adsrvr.org 1 redirects ads.pubmatic.com
ssum.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 ssum.casalemedia.com 1 redirects player.aniview.com
sync.e-planning.net
3 px.moatads.com thetruedefender.com
3 ce.lijit.com thetruedefender.com
player.aniview.com
3 securepubads.g.doubleclick.net d3lcz8vpax4lo2.cloudfront.net
securepubads.g.doubleclick.net
3 servicer.mgid.com jsc.mgid.com
3 lockerdome.com cdn2.lockerdomecdn.com
3 cdn.mgid.com jsc.mgid.com
thetruedefender.com
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects
2 beacon.krxd.net spl.zeotap.com
2 bcp.crwdcntrl.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 ssc-cms.33across.com df80k0z3fi8zg.cloudfront.net
2 imasdk.googleapis.com player.aniview.com
2 pixel-us-east.rubiconproject.com eus.rubiconproject.com
2 gu.dyntrk.com ssum.casalemedia.com
ssum-sec.casalemedia.com
2 um.simpli.fi 1 redirects ssum.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 id5-sync.com ads.pubmatic.com
player.aniview.com
2 atrack.avplayer.com thetruedefender.com
2 player.aniview.com player.ex.co
player.aniview.com
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 protected-by.clarium.io thetruedefender.com
2 pxdrop.lijit.com thetruedefender.com
2 aws-fr.bidswitch.net 2 redirects
2 use.fontawesome.com client
use.fontawesome.com
2 fonts.googleapis.com client
2 cm.mgid.com jsc.mgid.com
2 c.mgid.com jsc.mgid.com
2 prebid.a-mo.net 1 redirects df80k0z3fi8zg.cloudfront.net
2 tag.1rx.io df80k0z3fi8zg.cloudfront.net
player.aniview.com
2 ads.us.e-planning.net 1 redirects thetruedefender.com
2 ssc.33across.com df80k0z3fi8zg.cloudfront.net
2 hb.aralego.com df80k0z3fi8zg.cloudfront.net
2 eua.instiengage.com auth.instiengage.com
2 mug.criteo.com thetruedefender.com
2 gum.criteo.com 1 redirects
2 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
2 auth.instiengage.com product.instiengage.com
auth.instiengage.com
2 geoip.instiengage.com product.instiengage.com
2 telemetries.jeeng.com users.api.jeeng.com
2 pixel.wp.com thetruedefender.com
2 stats.wp.com thetruedefender.com
2 cdn1.lockerdomecdn.com thetruedefender.com
cdn1.lockerdomecdn.com
2 product.instiengage.com thetruedefender.com
product.instiengage.com
2 users.api.jeeng.com thetruedefender.com
users.api.jeeng.com
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 sync.extend.tv 1 redirects
1 pixel.quantserve.com 1 redirects
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ups.analytics.yahoo.com ssum.casalemedia.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 sync.aralego.com cdn.aralego.net
1 a.audrte.com sync.e-planning.net
1 rtb.openx.net sync.e-planning.net
1 pixel.sitescout.com 1 redirects
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 ad.turn.com 1 redirects
1 sync.mathtag.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 cs.admanmedia.com 1 redirects
1 sync.technoratimedia.com
1 sync.go.sonobi.com
1 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
1 sync.e-planning.net df80k0z3fi8zg.cloudfront.net
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
1 geo.privacymanager.io ats.rlcdn.com
1 ats.rlcdn.com ads.pubmatic.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 pagead2.googlesyndication.com srcdoc
1 adservice.google.com imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 sync.aniview.com ssum.casalemedia.com
1 idsync.rlcdn.com ssum.casalemedia.com
1 search.spotxchange.com player.aniview.com
1 id.crwdcntrl.net ads.pubmatic.com
1 mb.moatads.com z.moatads.com
1 tag.targeting.unrulymedia.com player.aniview.com
1 cms.instiengage.com product.instiengage.com
1 premiumsrv.aniview.com player.aniview.com
1 geo.moatads.com z.moatads.com
1 player.avplayer.com player.ex.co
1 player.ex.co cdn.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 b2c.instiengage.com product.instiengage.com
1 www.google.de thetruedefender.com
1 www.google.com thetruedefender.com
1 z.moatads.com thetruedefender.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
1 public-api.wordpress.com thetruedefender.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 secure.gravatar.com thetruedefender.com
1 cdn2.lockerdomecdn.com thetruedefender.com
1 d3lcz8vpax4lo2.cloudfront.net thetruedefender.com
1 clientcdn.pushengage.com thetruedefender.com
1 get.optad360.io thetruedefender.com
1 cmp.optad360.io thetruedefender.com
1 www.googletagmanager.com thetruedefender.com
0 sync.adotmob.com Failed ssum.casalemedia.com
ssum-sec.casalemedia.com
0 api.rlcdn.com Failed ads.pubmatic.com
418 175
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-05 -
2022-12-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2021-09-13 -
2022-09-12		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
ssl1029400.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-06 -
2022-06-30		 a year crt.sh
*.lockerdomecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
*.pushengage.com
Amazon		 2021-01-27 -
2022-02-24		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
telemetries.jeeng.com
GTS CA 1D4		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2021-07-15 -
2022-07-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 02		 2021-07-07 -
2022-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
cert1.a2.atm.aqfer.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
outstreamedia.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.dyntrk.com
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh

This page contains 41 frames:

Primary Page: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Frame ID: C0AD99DC31EEEA8C55931F4A75230952
Requests: 232 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 1296B5D6CAB2154C9F5EBC164FEA8D32
Requests: 3 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 39E04A057EC7AD3696B2674AB555F1AB
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 2C796499503004874C78ECFCA2047DFB
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-2652-7251&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 742251590F3C689035C69137463D9C86
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: CA5CCD384EDE0E5A4A0344201ABC68AA
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1641286287480&lv=1
Frame ID: 054505336642FB28B0A984B54B3BCED2
Requests: 2 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Frame ID: D9CA381D7E8F232C57577253CB3D28F1
Requests: 19 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1641286287805347676553
Frame ID: A2E1F439C39D33C7FB3F23DDFA507B35
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=lP4vi3ASJDMVKgLCxZCxCkj6_6rCLicrWpw-lPnKc2K9j8lD6yfdPafa4Q4MpU7DyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezcTCjsgWIB8Kmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG_VwI8IBe_Nc0;OOBClickTrack=
Frame ID: 18A7725A65978D6615266160D64B68F7
Requests: 16 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=H-55N5LJ5xDG_4BEHQXhkXHN0N_VLUOJ-xNxQiBopIVrXy6pmCaZG63_9pjPGnmZyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezvtd5tOs38FCmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG1szR7M_FxZ50;OOBClickTrack=
Frame ID: EBDFAD60F6F2B212FBD5AE967A28B99E
Requests: 13 HTTP requests in this frame

Frame: https://b2c.instiengage.com/v3/pages/usertracking
Frame ID: 9C8997664732AE55C4516D6CB24BE198
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 588C8455D41B83D449C05092885E1EC5
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D1%26key%3D
Frame ID: 08DB6B9F7B88B7928025347C82B480CD
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: 758742E776BC3541A382FFDC813BDC48
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 090FCE9AABBBBE60B7B3609446D0150F
Requests: 4 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=376385&3pid=1641286288959-980633797214-007787-003-008465&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: 2E83C4197DCDD32DE4E33A0CB8678A76
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 420AD3F96D8B4418EC55117E7E9C4DED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 10C918B7198E0F4F89C6ECA662C52007
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: 3F285952874D083E87F65EEF7E6C83CE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: 7FB5D0192BC3B7D7B1C17B89C0588631
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 1272FFB6A7EEB088F21CC835B1B737F5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: F7F42353E3DCE6B9CDB7851EA05BF24E
Requests: 4 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D33XUSERID33X
Frame ID: A3B7DF02E617FB63CE009D5CCEC58451
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 004001EC83952975089FC805E6132CDF
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C8fa0b37c-db09-4c93-af46-938fe7975887&gdpr=0
Frame ID: EEAE0C0D82D55B4FB1A09FE502A23079
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: CB6C45447B94A6656EB1F8AC0E3A0E08
Requests: 1 HTTP requests in this frame

Frame: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Frame ID: 84961D67381FE341DAD88768C9C92406
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406715
Frame ID: 1842BBD148F8201F08AC05303AE7058F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Frame ID: 9D089D50E7FB22E71B545702D834EB56
Requests: 10 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 609B00F9538F5068BB0314B378B79360
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1641286287344
Frame ID: EFBB0C9036682F7CFA87A74CFFD0E0EC
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&cmp=0
Frame ID: 47280F8775F38AA785654226EE5EE380
Requests: 31 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 5F1A998F2930F10C728CEB98801C0EDF
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0cd8c63c53c31472%26uid%3D
Frame ID: 6694F655E09EC46F3373B9044C6DC6DB
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Frame ID: AE2A3D8D64C1256BD100599DC182E44F
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: DEDAC4A21E6184DB23BF14846C7E27C1
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361&cmp=0
Frame ID: 3825BBBF05ECA548F709A33E14D4BF31
Requests: 4 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: EDCAB9AF98B8882EC95BB8803E0AB7BA
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: FBF2BF8089706C3C1B6FE86B568C8FD1
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/eplanning/8fa0b37c-db09-4c93-af46-938fe7975887?uid=AKq2Kn7oOjAPYjgj
Frame ID: 0D8A48F8F829F905B2C982CE220BD51B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CDC Withdraws Use Of PCR Test For C-19 And Confessed It Cannot Differentiate Between The Flu And C-19 - The True Defender !SearchClose search results

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • clientcdn\.pushengage\.\w+/core
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

418
Requests

87 %
HTTPS

26 %
IPv6

98
Domains

175
Subdomains

120
IPs

11
Countries

10776 kB
Transfer

18305 kB
Size

90
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=PUYqQnxtenduUUgzQ0N2Z2xlWU5FbGlzekY1SlpDdkRhK1YveXlVOGl5Y0VHWGxGY0V4dE1HWnR4NEJZbkJMWFFHNGRiOGlWczJxZFo1WTFodDdxUDJyYXpobTkyckpyYitmejVrbGNmY2RTcmQ2VC9WT0k2N3h3TEt4THZKSTg4RDZuc3dwL04vTW1HUW9tNExPZnVnZjdaNWRPcER1NXgveVl6dU8rU2FkR29HazFRbkNydFRPVmtCZWgvQzdENHhEMXBxUUYvelpYZDhHRUsvMXBtUWoxaXBsenkzQnQzWkhWVmtOUnBTL2hWa3lHV1dCeEdQSEd3MG80aURzaVZadHZBfA&cppv=2
Request Chain 112
  • https://ads.us.e-planning.net/pbjs/1/25987/1/thetruedefender.com/ROS?rnd=0.9970621050314503&e=300x250_0%3A300x250%2C320x50%2C336x280%2C320x100%2B300x250_1%3A300x250%2C320x50%2C336x280%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F HTTP 302
  • https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.9970621050314503&e=300x250_0%3A300x250%2C320x50%2C336x280%2C320x100%2B300x250_1%3A300x250%2C320x50%2C336x280%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
Request Chain 163
  • https://aws-fr.bidswitch.net/imp/0.0555/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R46150692_Qrtbwp_R_I_WAUCTION__PRICE_X-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0_Qrtbdata_RlP4vi3ASJDMVKgLCxZCxCkj6__6rCLicrWpw-lPnKc2K9j8lD6yfdPafa4Q4MpU7DyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa__gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo__9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezcTCjsgWIB8Kmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG__VwI8IBe__Nc0_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/m2WeIiJlHEcUXI241uRRZUcg72FHJdjY3HMTWaF4eYskk_OxAcqxCihgfRV6d3hJ7iRP_NKoh8kb-RQn7CZ3XOUVSflw5Pe-jWHyC4IGqnd28NWMzDznOEOeGrmPeKrRryQ4WaWtsqJ2fHltbfdqxmb2SFNvCu7uflly6GXCt_sKHugQsAxye1mpWaXMxtzJMVH9ElZrQbOP3dmHXS0iaesxlsxEsBlNvCMTv4Ax-alMl2QWkOCRuemFfolm8--v0_CCZOyFd8wWOcojY99KbgT96dBKJ5o9XEmzqs6YVrhV3QGUIZ1rZhUGpS-fU8KmrgTjSm_d31x11lncIFhTwtAo7_ALc6RLdY5v61V71kiO4x--_X5VQMcknKeaRN50lIxc5vRcCAP9LAZEff4LwV3ul4HL4bNXbsCA9ZFwmios4w8B_ZPCbm36YRHcxocWPoTIGOPNA8vLuIOr5WROE8BuzEnmCkKnZ_v7PhjP58np7a65gQLgIEqgtMdYrBWUmAwaRq5MrafDDNxetlV07GvleQh274qTYjC6qZLahlLGcnGzSXwHSGfBHhHVuMRGIhWaN1doaa4A4xFcVwAkjBlxKcJ9SeBC71jvFMT9gHPnojX2JbqXfj_q2QiTUlg0CfbyMFlhQorf4e0kJF1Xjtqbow_hXjQSP07rCkN_Q4xM2nQKDvYG2O1t1R_kjNjIxavVnL9ogOaLrM1I5ofOBVal604f7sUyMCYlRnBEPHLlkCTuh0nyad-IBuGpfASJVxltkRkOLTNqe_bVlY-ELl4HllNnGsrdAh9NZ9fZVSgHturw07Grw17xD3aK9Im-23gjBm17CyATcMg9nwwBGGylSOpGxrCVVZJXrp65A82R4z9ukJg4J26hqNM4kWdczONC8fwLTl9R3zAISIw7hdJJIrMVcdPgod6hg-dfH8gGo-EaRcSk2ly0j_F4IycTd7D9Bg0fKPYBGIkaLRrFIEHbofvolr0eNWLnKpKOSKuhmg_x2EnnMywYyeOlBoyGt-Lxy12Fz4qvQ4aH2iLCyBEZHuRoAgSkBDU62p0SQAJowh7AamZQbtiNoGdhwJtl7YEXij2xRe0CELc-ozMgIdCGna5zc8ymwV802CQm_KIJloMLkQzOKsDbr-cydUwtvyHo4ErvMzb3HbBhtnpkfXETPLZeI7e59Y4yN5RqvI2Q/ HTTP 302
  • https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=lP4vi3ASJDMVKgLCxZCxCkj6_6rCLicrWpw-lPnKc2K9j8lD6yfdPafa4Q4MpU7DyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezcTCjsgWIB8Kmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG_VwI8IBe_Nc0;OOBClickTrack=
Request Chain 164
  • https://aws-fr-sync.bidswitch.net/sync?ssp=fmx&dsp_id=70&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=fmx&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5648732318522358521&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
Request Chain 169
  • https://aws-fr.bidswitch.net/imp/0.0555/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R46150692_Qrtbwp_R_I_WAUCTION__PRICE_X-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0_Qrtbdata_RH-55N5LJ5xDG__4BEHQXhkXHN0N__VLUOJ-xNxQiBopIVrXy6pmCaZG63__9pjPGnmZyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa__gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo__9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezvtd5tOs38FCmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG1szR7M__FxZ50_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/hMPTt7XEKCL960nilk_gEoh4UjKo7oh9Rkln2MQfmONSKUzlzGeVAagcdfEaa6O4SIatETWfuIGoO330wjENs5oIUQtUMKOKPo2wYhGs4XQXKI9wcD-mKgOkJpNxGhsP-T258ZVZ8Ja_O0bpEyzsYDx9pziyQ02s1g0_Shsq1XTu3HQNsba_gno_f-v3cEUKZVQQ_SqITZo5w2_YbjvG-uTeogXQp9GgjGCdByRA_goC1A5SWtrQ5EICCDk37F9MPIWyaOyAjrSBW8e8cUMBahe4DG2X2rj1HtrsSabbqTKcYMf2Xh2W12iURHS2ShjA5cSbDg6o-fAecS__nyjdZ17D1KU-R5PDIR8ubMkqECk3bdR5u4NBfj-RWdd2oJZR5UfZ0aEdRC1pnqrVpWZ5AkC0ROPd-0FJbZQbYpl5IuIp-ysjH7ts7-iXtUB4q2o6Y4loFhjqMM6QFsnmmL55cVu803PRZYOyMlxweSCSVN1wkHwpD-Wy6gNVZaCzGwGpQyRMoK2VttflXp96UDD9h4eeJ4iBYkDQiWgFagH-NNQhJWK7bgCuE_HbLuZmlB28HYbq4CxbhZAU1-QNYGHMIT__mTxzW0PU73vy_TP0yF-PAQKQTYbfIK3z-5Y5nRs59tXBMqgEmYJ2uAvO7izszLNwK_dGztHJA0G0r-WbZvffwfHre5fKENvjHovINQtqf42q-sz_RCfKRoAjGrQxVQVkM--WGHTRX4J995ikE3FpyMRdcBQyN8H5M7OwAAMS7XxnMZhNe3g1Zg9SkJoMXHswYXV5i7vBZiGzrfisCrcb-3Ak1WhyINdFz7cR-cLQkbNRyJ3R_jz9eCRuABClGT0N2jofhWekqRz-ugQKhmWDbJl4FFuXuH3Np5ND7ywxGYyAO1euZixbkjTCqzKBLstKFOhlrlT1gcQdpg9D4tvZQQPfa48uyS8MWU_KqVTXUaBLjVrTE44Z7SFQ4BpJOUFSw0tPv4Yf7MNU3dhXIKOKPHITZVi1nZnjLH-t8MBLA_tiI_CDmwYBGm-Q7lvjimVOKsvLme1FM4T3aM_toEeD2plvz0z6l7OwN5ZhiDS08RR5rZ_A1_LSV1SegILzKc05GUKyX22SHoGUorJVt3NicO2KUbU3jAgBU6MTqYX_GdE_qFc_sJKcHduOFCr38wAmMQNViSruhBBdc3f3bA2t/ HTTP 302
  • https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=H-55N5LJ5xDG_4BEHQXhkXHN0N_VLUOJ-xNxQiBopIVrXy6pmCaZG63_9pjPGnmZyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezvtd5tOs38FCmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG1szR7M_FxZ50;OOBClickTrack=
Request Chain 170
  • https://aws-fr-sync.bidswitch.net/sync?ssp=fmx&dsp_id=70&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=fmx&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=54144004503468078&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
Request Chain 252
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 253
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 257
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205240&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=1286289101 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205240&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Request Chain 258
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205239&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=1286289101 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205239&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Request Chain 259
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205234&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=1286289101 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205234&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Request Chain 260
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426225&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205244&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=1286289101 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426225&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205244&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Request Chain 290
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&dcc=t
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
Request Chain 292
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdQKkURCNwPKNxbaVPHnRAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YdQKkURCNwPKNxbaVPHnRAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIF8diqlcGNvGivauQCxm2w&google_cver=1&gdpr=1
Request Chain 295
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 321
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 333
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=8fa0b37c-db09-4c93-af46-938fe7975887 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=insticator HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=insticator HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=65bd5450-c8ff-4d8c-9185-1bbad3b5b269&ssp=insticator HTTP 302
  • https://ex.ingage.tech/v1/sync/bidswitch/8fa0b37c-db09-4c93-af46-938fe7975887?uid=c6abe74c-e537-488e-bb99-f0b4a83e6663&gdpr=&gdpr_consent=&us_privacy=
Request Chain 335
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/amx/8fa0b37c-db09-4c93-af46-938fe7975887?uid=52007b0a-9807-417d-b305-ae354576cd36&gdpr=0
Request Chain 337
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%7B%24UID%7D HTTP 302
  • https://ex.ingage.tech/v1/sync/acuityads/8fa0b37c-db09-4c93-af46-938fe7975887?uid=f0bc023a27acfe141395e0e1a465f2441f0411f8
Request Chain 338
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D93c5f73b14d91a27%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D93c5f73b14d91a27%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=93c5f73b14d91a27&uid=0bcfe7586dd1cbe89e966999
Request Chain 339
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ex.ingage.tech/v1/sync/sovrn/8fa0b37c-db09-4c93-af46-938fe7975887?uid=504a5ab2437c2d3fd31d0010
Request Chain 343
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15b961d4-0a93-4000-9579-d9ee48656320&gdpr=1&gdpr_consent=
Request Chain 344
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YdQKkwAC-9K4CgAF HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdQKkwAC-9K4CgAF&gdpr=1&_test=YdQKkwAC-9K4CgAF
Request Chain 346
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6945726911317896488&uid=Q6945726911317896488&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 348
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2488044011064200694
Request Chain 350
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMV7RAewv3x2KxxcxNjVmUc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 354
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ff3bc3d3-e676-4d04-bcea-70326c132102&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=78aaf8f4-e3ea-4839-93a2-b29fd5b0abda&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 360
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=350a5d6f-5747-48ce-834d-8ef97b0cf090&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 361
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1ed621f7-c6cf-4c89-768a-0b1572265343&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1ed621f7-c6cf-4c89-768a-0b1572265343&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=69806896475093252952859301937886538118&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 363
  • https://bn01.er.bemail.it/zeotap.php?_bid=1ed621f7-c6cf-4c89-768a-0b1572265343&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022010409-14313-0.296316001641286294-1817f24f3fed23ce4014f3f84b7143f2&zdid=533&env=mWeb
Request Chain 364
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7049270943221151891&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 365
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1ed621f7-c6cf-4c89-768a-0b1572265343 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1ed621f7-c6cf-4c89-768a-0b1572265343
Request Chain 366
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1ed621f7-c6cf-4c89-768a-0b1572265343&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1ed621f7-c6cf-4c89-768a-0b1572265343&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361&bounce=1&random=212296471 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=rbYigYLT.JMBUSwS//yJZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 368
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1ed621f7-c6cf-4c89-768a-0b1572265343?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=1ed621f7-c6cf-4c89-768a-0b1572265343?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=66216b71278da514746612813b9ec87&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 369
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-Wm21rWtE2op6ThLsGMySLBb90kMDIu3dww--~A&zpartnerid=570&env=mWeb
Request Chain 370
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n5%2BBsrnoikFNQuWVFoRXTXfVfEUECDLg%2BS41iYitP1U%3D
Request Chain 374
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361&_test=YdQKkwADBBBufQAm HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdQKkwADBBBufQAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&_test=YdQKkwADBBBufQAm
Request Chain 375
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=15b961d4-0a93-4000-9579-d9ee48656320&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 376
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 377
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&dcc=t
Request Chain 378
  • https://tags.bluekai.com/site/87734?id=1ed621f7-c6cf-4c89-768a-0b1572265343&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 379
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Request Chain 381
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0cd8c63c53c31472 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cd8c63c53c31472
Request Chain 386
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D0cd8c63c53c31472 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Request Chain 387
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0cd8c63c53c31472%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cd8c63c53c31472&uid=8621192223309356306
Request Chain 389
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 401
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D7cbe3db7-6f8b-450c-7116-bf575360e3ed%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361
Request Chain 404
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEVwE7DqBUAAEA02gDEQw&expiration=1642495891&gdpr=1
Request Chain 406
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641372691&gdpr=1
Request Chain 407
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=gP01T4ataEib-WNC0v18Ho-vNUibrzAfjv-WkMhD
Request Chain 409
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
Request Chain 410
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a08e44b-77d4-436b-b780-9bdf7601c0f2
Request Chain 412
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

418 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/ 		199 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c5750333e485101eb81fe2c330bbcfb26a51291bdabd15c26223d716e1f8a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-type
text/html; charset=UTF-8
cf-ray
6c833992abb15c2c-FRA
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/41049>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=41049>; rel=shortlink
vary
Accept-Encoding,User-Agent
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
cf-railgun
direct (waiting for pending WAN connection)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
x-pingback
https://thetruedefender.com/xmlrpc.php
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiqVqHFI0PmRSKwlVxo6WQQbWlH37u6BRB6RhmX3%2FVWKdgl3QlqVam6nUnp0bRcgwC5OdRO26cf6AIP%2FRv%2BS7isTBDAZF%2FzTNSy3B34gnu2Rz357CmtI5F1nU19TCFcn3CyEv%2BXUBVqV6iDQR7ReVBo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
this.png
thetruedefender.com/wp-content/uploads/2021/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252
cf-polished
origSize=21749
content-length
19502
last-modified
Tue, 05 Jan 2021 23:49:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mzsCe%2BLj%2B%2B8Bof2cuNRF89r5AwFsYTwWuIQyHtN7Flt49dgeGbxMscVJHZl2jG14lUPtiRandT%2B1tbGy1fzkR06HqCBwh3wIix2iVR6Wu%2Fx0X%2BqOFlmMX%2FY3hDw%2F%2Fh21yPxB62HUJAwSMH%2B6RYFeck%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6c83399ad8bb5c2c-FRA
cf-bgj
imgq:100,h2pri
Capture-308.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-308.png?resize=780%2C470&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d632aa827f2a336ce5d2c49cc650a79df0980ba157949a9579693403ab724ff0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Dec 2021 16:35:44 GMT
server
nginx
etag
"0e652aada4b0bd6e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/12/Capture-308.png>; rel="canonical"
content-length
165598
expires
Sat, 30 Dec 2023 04:35:44 GMT
tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBpPi5hsXpRTtknDTo9nJZdnMBF8LeK185Scc0sn6Gi78cNpSh8fFtRh5CulAKMj9IM3iZciz3ormISd9D%2B4n2coiSYmGdlvfUTArVhLDnnzW7gL5i1QloqkDl0aEUfF8XRRE7zFWxDMOkepq4Mt6%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8be5c2c-FRA
fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8iCpXp10pbR%2BL2VXQHi%2BtumW27wOSoDPzsIsv52ZPYj%2F013x%2FLf93h5s0%2FzVwFKRORrz6ZhohtnlEHAQgn4Cu%2BtGMItGpKVrTACDxbD1p5EQTNw%2BhbxAzd68HJS1C8K870NN3jnP%2F%2FfQpfxG1qPyX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8c15c2c-FRA
fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bih06AvBsJGGJhhR1w6qFltQdEZXDLfbljg99bdJ6Xxo0FRVGjxYoSv3rwwbkc08U7nhCQhcP2MqMSA4QGGf%2FskUMs6iykdGjqkgCTwYn%2BMF2o9a222mDcvKzp4ia8DQjr85RY2BxbJd97gB%2By679bA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8c55c2c-FRA
fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C07Wzy7cq3YRDX4r79FDYB4MTTb%2BSjtvBtPf%2BQOUF6P%2FdTF8j13PB4JAIODpJtHSmw89KC472sLYGYZReyK2S3hzccVj7Gp44pv8%2B%2B0oiVpkgycsNru3O%2BCnLWHE0of8kmcR7A6CAqel2OXBR1Glo3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8c85c2c-FRA
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76419850b28c02d07aac8b35367fc514dee9e67666b5de7ac5507fb3044c8437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36169
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jan 2022 08:51:26 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ij2v7kN9v4dbdv5uWEQS7h63ibn%2B0yVA%2FHJQ0nfFoFt6l3SaqCj0p5HjuvX%2FzAs9Vqac1ofOLTapH4nvc2iDvSDkmXioDAN9%2B%2F47OqIJJg9k61ehY6iD2b4kSi5pi0xRmMOrNGnsIQEnCa3OmJKlGMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8ca5c2c-FRA
style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		171 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzyW0wg0izBoHzDG%2BMxQQMNhd%2BjWxDgf6I1iT5fLkdsC1qZOx%2F7BqMoMbwPI2dzd1dY5fj%2FIhkyTrdz361JVJ2JZIueN%2FgN22USmhePEi1744E%2FAPehnCAJ2lUUPprm%2BYBW%2FpPwyqKyG3XGjS9cezc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8cb5c2c-FRA
widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bILdd3I1sX%2FwBU7n77uT4a7cUbbK8vxZJ90SVhrJwbS2prrL4zVp8LkJtrHcwSxnsBp3qO0b8e7Zr3gr7YJ6DzJVO1VEOaRr4AXBzxDQL5JEQkeFeKPhQVYzYirG69dpMNed3hNWow0jSbGscPo%2BG6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8cf5c2c-FRA
helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXU5wNNp1i%2BglhuLbRUXBc7v7vcrMMkWJPHgcxnGk2QfkzK9iZeF4tjZ6rbDNcKjMkk11rNYQfsiZ0UGFYu5Qi9o%2FFRMnYpX%2B8nj54H5Dh%2F%2BsUWgc0GS2e3DLssA5NCoiEParlwv%2FO3gCmHhvycGnuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8d35c2c-FRA
fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
cf-polished
origSize=58662
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMOiQcRUHWmNEIsr47aEFPbsaYehMGAfWo2Y%2FoO1e3lY13%2BAQ2Hgcbm4UiooXUFUhvA6i0cJIHqy28pWilzuduwbpXWB6xk7BrevUxeIWF5AW7jVuh0RbDODcnN%2BZpRn0FkSUHPwP%2FnQ9%2BL%2BxYyS6Hg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8e75c2c-FRA
cf-bgj
minify
skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
cf-polished
origSize=12018
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2GtwGJHZgfRcCJR7vuEwR8pIAeJWNf7BKE6ZjLYL29Z9gmm0dmhp7A6RJaRUYOTY7sWgfxOQErYPHsBSDXaRcEgwNsix5w1r7cJGkUnmYyTc%2Ff48xjHTEZD20R1N6VgZUp82ATXlI%2FIRJTaF2dfNdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8eb5c2c-FRA
cf-bgj
minify
shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EFPqXufgcTPFoqI8wF63glbx6ypgXrCrY9leKrLrKCK1CNQSWUrXw7guiRsipA%2FiWzhDQ%2BmVYn2HkCN%2BtJOio2BE1Q9wvMXWwrVW2%2B4%2B36UUPomLn1L3lxnoGM%2FpQ4TdLOsauvCDQ2A2iDDDs1069Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8ec5c2c-FRA
single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K53rJ%2FBsm1avYffzzhF%2F6ZVD1sH9bLGe%2FUCuc6PFHdF5XvqQt9l6WDyfosVwav0Qd3jqvCTQT4s8JNj2ADZTjJB6VO9Y6hWFPfklZQLPtP%2BkP6nZGm7Rds9trV7cPbKEEAO7L0D%2BGminXEgC1HA0tvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ad8f05c2c-FRA
wp-emoji-release.min.js
thetruedefender.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:55:33 GMT
server
cloudflare
age
2251
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBzcTLB00Fe%2FuDa6gJP5bA8DXb3sOnYyKlHM71ec01lOti0P%2BrJCsMSD3TvoeQx94yGZgQNUUybBzzFnobylGMbeHl7LDxVZx4pMOVRTqQYWb0H8Z%2BN%2BZEbHq23mJEgUIzNCq%2Bc0Rzg35ZfAqeL5V2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399b29865c2c-FRA
print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		2 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2251
cf-polished
origSize=2175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhsVtHbT1t7kUhB2Odk0H%2F9CJPSV8FcEuiT8Ig69%2F0sIV5nLg92tgBe60CCa7G3T6XiqihuEkEnkSy48%2Bf%2FVGeVvz1crbeJ3pmrbsvmjLuG1m8PU3tf43jwFmUPiWQsYMb8OHOrLXaQTTKzFxqiIRlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399b49b45c2c-FRA
cf-bgj
minify
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4592
date
Tue, 04 Jan 2022 07:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 04 Jan 2022 09:34:54 GMT
jetpack.css
c0.wp.com/p/jetpack/10.3/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/css/jetpack.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 19:34:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
frontend-gtag.min.js
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.2.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:18 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEf7OjXwqMh0zYttaraS1JL4vJSiLIXivm5tN4qJYb4VU5peVVGoT1n%2Fpz1%2FA2IcitHM%2F%2FCQuMlSmEpdDexi9%2FoHFK0bb6DGWOSjEXkeu9q9QQrdOnNu5E%2B3p8WU4%2FxH5cSPGbTtCyZoHK6ACKcElc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399b9a4f5c2c-FRA
jquery.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
frontend.js
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 		439 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:16 GMT
server
cloudflare
age
2252
cf-polished
origSize=1539
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUYUblZGbvdcHUXYAVzaZAS6C7Jo4Lw7FMwollJd4oJLQBBuO7OUsF1%2F%2FsH4TDH3XXhAHBdJ9CEwtEXw6vcnuHF1znK9mPlB3rhoF284BG10dRnEVjdpnlB39FLEeWUwS1Yr7jSlvZHvpdqjetOXEjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399b9a535c2c-FRA
cf-bgj
minify
jquery.form.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.form.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:53:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
just-contact-form-ajax-script.js
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 		388 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Nov 2020 12:53:32 GMT
server
cloudflare
age
2252
cf-polished
origSize=463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra7N32pgQx%2BRxII%2Bc8cNBm28xVSCquAYl3Gx417caS8J9gCDwRKsJLluPsqMyBG%2Fb5CacSKsuZJvB7lcNItTR9KLCEhTB7y7RZakhYDsgp7HMKNTx8XTtlRml3WV5sD%2F9oie3KI4I9PX31O4g0QbB6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399b9a565c2c-FRA
cf-bgj
minify
/
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6af1450648f20f17fc45444c15728cacd9214b9f7ce41c02ab1d6cddb3b466c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
1681
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
cloudflare
etag
W/"58a0b-Qc3iW8rBbzEhVpHPHlR5IQy98EE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-cloud-trace-context
eb8581ca093e19cf703b0b429f94c7ef
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
cf-ray
6c83399c3ca10ea7-FRA
x-amz-cf-id
OTPEWt0VC7cjouPcleZ1VHJZyolCymB4BGDrrt5sNMGC7kTdR-ALsg==
bb28d960-28c3-46bc-ac88-49bbb3388212.js
product.instiengage.com/product-loader-code/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:9000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
bIQ9716BHe3t43Xg6yxx44tQ9I26K00Z
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 20:40:54 GMT
server
AmazonS3
age
439
etag
W/"3e178191a86d02cb48d2376422824cdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Tue, 04 Jan 2022 08:45:18 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
07m-oasU2-d1Kks0Qcn2K7KeG7oJj7KR3ZBRoHCSDyqQV3vG0eE5Dg==
f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
cmp.optad360.io/items/ 		2 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8e00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:28:01 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 09:48:14 GMT
server
AmazonS3
age
1406
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2
x-amz-cf-id
M9wsiupqmiEBkxWjZ0JZUCmmdc8VvW4o5gwzgWbwBxLj5CoOAmKhXg==
plugin.min.js
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 		2 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ec00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:23:43 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 08:34:55 GMT
server
AmazonS3
age
1664
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2
x-amz-cf-id
L8Sd-N-1JxwCOH-71ZB9advVJbw9wfrpbzqA3xgzWh559nI-Zvd7ug==
lightbox_inline.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox_inline.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3372afc57b6c3cbc817b01d0aa4690b372cb55c6021266048ebef5141fd87b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
AIuCN8rPaYWiXdzPPd1cEA==
cf-polished
origSize=2379
x-ms-lease-status
unlocked
last-modified
Wed, 01 Dec 2021 17:48:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
ab5aaecb-301e-0001-24df-e619cd000000
x-ms-version
2009-09-19
cf-ray
6c83399c5c08f91b-MXP
cf-bgj
minify
thetruedefender.com.1229464.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229464.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258c3c8991ced4ff294714e8e52d949478b0e181adc508824e00b439e16b8921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4172
last-modified
Thu, 02 Dec 2021 17:02:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
KXNPTPE3DBJHJGG5
x-amz-id-2
JGP9bam6nwYd+IVX2PmDSKj64Q2hfnR2foiErFVTrnqKh8nkl7ipkg3LXI8CuCKQMOq7q4nq6tU=
cf-bgj
minify
server
cloudflare
etag
W/"12c98d209166a2397db3821834240861"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c83399c4b9043b8-FRA
expires
Tue, 04 Jan 2022 11:51:26 GMT
thetruedefender.com.1229463.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870ede092e06e98814bac272a1184df0320c010282aa2e3402854d4183a7c599

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4048
last-modified
Tue, 30 Nov 2021 12:56:41 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RHQCFEVQP64EGQ9V
x-amz-id-2
hkSU9iXEb1JGWdxT1PdwvklqrzZF353YVXhTiLHZSbc0eZjHlzDCJTw65vsrE8qvJgAQN20dnZc=
cf-bgj
minify
server
cloudflare
etag
W/"63c1e6767d43b23939047e20877855ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c83399c4b9343b8-FRA
expires
Tue, 04 Jan 2022 11:51:26 GMT
email-decode.min.js
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 26 Dec 2021 13:15:20 GMT
server
cloudflare
etag
W/"61c86ae8-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDk%2FnJgZ7YG%2BZUPD%2FflAM2cI99YjwE7IDsqXV9QDLZut1W4zU0SYYHsHViMnQ2I0bEY%2FGQA6yiZdTZN4x2Ut4zhkjtpaS9NCef7ymWJNhRVauceZg7OOMBVTZ3iuvNqelIaeIJy%2FMNj1FTUfhuYsU%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399bcac45c2c-FRA
vary
Accept-Encoding
expires
Thu, 06 Jan 2022 08:51:26 GMT
thetruedefender.com.1229983.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229983.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd05863522b536607f8b669ad1ebe934ad487cb8252a4f6bb9f44931681cbd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4172
last-modified
Wed, 24 Nov 2021 10:55:11 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RHQ430D05FKSQ8RR
x-amz-id-2
pdTOiMWajJRyEeLoMo7bQJS/Ntc/rvy/GZsWl+3OgV/EHpfL9WHuv0P6wblgNbnwvysLxBNdPkA=
cf-bgj
minify
server
cloudflare
etag
W/"c5065e54c82b6663bfdf2509cb7062bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c83399c4b9543b8-FRA
expires
Tue, 04 Jan 2022 11:51:26 GMT
thetruedefender_thetruedefender_sticky.js
cdn1.lockerdomecdn.com/embeds/ 		1020 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9600:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
5SJgwcOSQVDADRfSedXeHumqp.bTbaay
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 16:39:44 GMT
server
AmazonS3
age
4556
etag
"5bc9056f1e2006913082934b4e7f8720"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 04 Jan 2022 08:08:33 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1020
x-amz-cf-id
Cwuvw_sWJGL84aQAdHxcDC2raNVEfkwoCqftbVgh7yhBxbKsfnVWgw==
frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=7.2.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:18 GMT
server
cloudflare
age
2082
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=to2lLv6j%2B%2F%2FTkL5sc1rB6IXM42UW42su9SfRr0B1tJ%2FD6VNEnHOPPzoQbknxKle0ghpszt6%2BXqE6fGsqw8P48Qf4iipixk6%2BiZza6X6JTH%2Bl%2Bb0gYRXw3CgvxMz%2BXTmknS6Frnfof5bTU3RjUwMhu2w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399bfb205c2c-FRA
photon.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/photon/photon.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js
clientcdn.pushengage.com/core/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-115.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:03 GMT
content-encoding
gzip
server
nginx
age
23
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fEUUkzFFiwS_xZ3Z-Y-tq30bUbZAYcUewIFQ1sTAajskGKaZKAKvgg==
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
regenerator-runtime.min.js
c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 00:06:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
wp-polyfill.min.js
c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Mon, 14 Jun 2021 23:18:11 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
hooks.min.js
c0.wp.com/c/5.8.2/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/dist/hooks.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:17:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
i18n.min.js
c0.wp.com/c/5.8.2/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/dist/i18n.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:17:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
jp-search-main.bundle.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5eaddb09f331de307e587736737c57d129e68160aa2f6bab695635d054155ec2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Tue, 26 Oct 2021 14:48:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
w.js
stats.wp.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/w.js?ver=202201
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0d2307ec012442cce1d50ea7f669e8cd990b528e1d5d1e745d9a01f8e6314ef7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-2a3c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 02 Jan 2023 16:07:08 GMT
intersection-observer.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emt38G4lkdu8UwMB6kGSKHwWeAKiQTkq9MbmUHe2hV2B3ssEv2ALa0sVfqnuoEwiCPGYGUfzNxpydIbPD2xHnEHs%2BLCjw6wWR76Lo8cSlkuZjEn2r38Gd6c1EbIVxbOXepR7hKnWR5WyYjq3WPxF6UA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b4d5c2c-FRA
cf-bgj
minify
lazy-images.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6mIN%2Bt7FpYe9mWRdLongeHn%2BB%2BYn88azyoqW5pcCRq8k3XfHqY7deZ88GTYoXnINXvqku%2FSZCvfkCyejh95ZSPs4psJHOpa4AURy7Hh3GgvQV7fa449EB%2FmSqAKOzSu1fACtRbHByQE%2BkAtRq03U3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b4f5c2c-FRA
cf-bgj
minify
scripts.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BbaPEUCx1Vm8ufHII2pj6Iv47SsVCfeFUUiGQiZ24CACKMTt6D8qK5Fqg6qvqGehRpbXpFbAkHumKm4wFEJ0tiM9BRWIz6AdtpCK0F%2BCRpP26H6j10xBQQtxi0sNqf%2BpZEN3dOA0H3L%2BJLoDXuXZwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b515c2c-FRA
lightbox.js
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
cf-polished
origSize=81423
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecniT58CxXbk38UrEANlyZvjovxtDC0lBd1UYQp7QR53NY8bg3ZcNcB4viXg9IjSNMVkZthHEscarqJY76inuNxsCrVU%2BJPiBoEe2NGITN9jAvqgocrImwGjnyMc6Al2XHWX7fUgcJKf6sXFIpxNzZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b565c2c-FRA
cf-bgj
minify
sliders.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGXsZeAnysDGbNWOA6kkH0vMsQvO5NLKC9CzVpurI4V1W%2FDELu%2BFwBDIYqthwkwJDcEUWWgzDbU9%2Fv70CKanI0lOwShMrFAjKFknjXodi%2BzTu%2FdHa6A3FCUM%2BzW7%2BNi6LWAq51%2BCq6e1Q16tC8zG0g4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b575c2c-FRA
shortcodes.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
cf-polished
origSize=11181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euVty48pjM2EV%2FWhUIVUJO8sshd3oZs9v0s2SBPdg%2B6xJ5A6vEWr%2BPchvLbCawvxQbY538iZVnJZ6b19fNRNOvARK7RiZIXMoaF5iCOqT3%2B2%2BzXiCyCKn9fPGpQVMGAIzwQba9QM5JghkyOYJyYFDQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b585c2c-FRA
cf-bgj
minify
desktop.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2027
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlH2rlAm8UeuLQoSaDGwSKkpwrG%2BngtFjS4Paqftan4VcRatscECRmd566LhqNT3H5QvUg%2Bkhn2Yjym9kc7lm1DtAETMqaew5CLX0JsEvnehLlGqj3DyAvF1hcmkwlMMnAeDdKUCgUqG3MRKb22%2FVtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b595c2c-FRA
live-search.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2027
cf-polished
origSize=14601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EEjyfjhSS8I%2FesguFQifrlwCJSYaMhQwrjkskmbm5CA94Q5MFyIiLiGIM3KifypaR1ug2YROwYfzDqkZhHMWxRKnli1zub3%2BdxYCfdAGwc0G9cC%2FhUf42c5Qi%2BGrAydR5z2jeiGZxWcg%2BMOdHSP9TQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b5a5c2c-FRA
cf-bgj
minify
single.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZAwf05a27ZgXZny3%2BeaAsj5UV4xtEOst27arWHHTarZtLv6uzD1U4G1FEI%2FlD%2BecYlKzCbKRFgxTeE7b2Y0lzDMmu0qrC2vyBTXAPKyrBf9PI3SC02k75C5FVchi5XBR4qNOkVh0%2F0kP14T3BHEW9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b5b5c2c-FRA
comment-reply.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/comment-reply.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
wp-embed.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/wp-embed.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 04 Jan 2023 08:51:26 GMT
br-news.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
2252
cf-polished
origSize=5594
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJKjeDexcscSoeFCP2UdI9KmH4oxHtaCYlLZAIlKrfW24anZIu8L3rDWAKhlO%2BmrtmMOlYen3Q%2BW8aTNYfbG%2FFKUZT9xUDA%2FC9y6m2KmCAkRdewD1nMv3dPs6uzGLRE7HEgO8BDnMO0vPGqnZQHg3QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399c0b5c5c2c-FRA
cf-bgj
minify
e-202201.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202201.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sat, 31 Dec 2022 23:13:22 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 04 Jan 2022 09:01:52 GMT
bb28d960-28c3-46bc-ac88-49bbb3388212.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		130 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af8610e44e8506e2be7615782cd4b6c9ec1b971392944bc62a2a0747a0c3c1c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
TdMmqu4RDBlZU9CE0BSZLSq1Rja.Tfky
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 06:30:25 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
W/"b3f6f6247d84cad7ab0850dda4aa0582"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Tue, 04 Jan 2022 08:51:26 GMT
x-amz-cf-id
8TF12qc-pvjHr0o7R5xPIeCMPl0lzsVvfBcQFVTAJSl544XMWXDfJA==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1a00:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 20:11:51 GMT
content-encoding
gzip
last-modified
Mon, 03 Jan 2022 16:28:47 GMT
age
45575
etag
W/"14de-17e20c597f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
Lh7lTZvnRMY6kiW407GdzHgsRyJoLXUEQksozHYDmQSTDhs885C3vA==
lnn-28.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/lnn-28.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
543579c351980562d0f25e1ad5b68b42295e3eadf2c79ca1fdd0b87a38a7225e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Dec 2021 18:10:26 GMT
server
nginx
etag
"cf57059b0694addc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/12/lnn-28.png>; rel="canonical"
content-length
101612
expires
Sat, 30 Dec 2023 06:10:26 GMT
322868_1100-800x825-1.jpg
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/12/322868_1100-800x825-1.jpg?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5a355cc5b928f3705ffc380136d08450674155fec7812136c30b1094d086b191
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Dec 2021 17:32:10 GMT
server
nginx
etag
"fc8b03082fd93042"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/12/322868_1100-800x825-1.jpg>; rel="canonical"
content-length
6818
expires
Sat, 30 Dec 2023 05:32:10 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=103144254&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&ul=en-us&de=UTF-8&dt=CDC%20Withdraws%20Use%20Of%20PCR%20Test%20For%20C-19%20And%20Confessed%20It%20Cannot%20Differentiate%20Between%20The%20Flu%20And%20C-19%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=122183212&gjid=855368773&cid=2051100181.1641286287&tid=UA-186892928-1&_gid=1668156097.1641286287&_r=1&gtm=2ouc10&did=dNDMyYj&gdid=dNDMyYj&z=1774883875
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.6124145561177705
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Jan 2022 08:51:26 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=189343063&post=41049&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&rand=0.09975030244552441
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Jan 2022 08:51:26 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
content-length
0
date
Tue, 04 Jan 2022 08:51:26 GMT
via
1.1 google
alt-svc
clear
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
via
1.1 google
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
clear
content-length
15
jp-search.chunk-270.e200588ee02c9e4e229e.min.js
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-270.e200588ee02c9e4e229e.min.js
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff033508b8624a0129f8ea258ac6173094026133ce8bc8a33aeb7bddcf7ab33d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
2251
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnI1foq3QQ6K2Z5TAsI9UWsLu0odlvbvGsW1LQV1cEJJlFp5Rs%2FOcG%2FwLbHakLbGlzsWpCfKuOnhB0yC4G%2FUqPqFBwqsehHTbDi40yn9KosH5HkUiMTXzIrgmq%2BOoRMSLEARem8riyBFoBJ8xbTr4gQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399ccd0e5c2c-FRA
jp-search.chunk-main-payload.cfde3805b7883db5efb7.min.css
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.cfde3805b7883db5efb7.min.css
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf59871c87ce926991eb9b430d0ed68972fab10078e539342186fb4986066c6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
2251
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4TqCaarVOgEwX3RrKlJEX9f3iqFeJGa9cqNlzC2f1IhJ80SllNwg0DaYwwapaF8zHD9fmg0cPeCF6083j8nrBum73ks7QVQVZ%2FcR52SUaxBvAvRjbJMj31uRPFnPO8hZOuYXmFq7QeYOmXy%2F1ZzSHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399cdd115c2c-FRA
jp-search.chunk-main-payload.885bc75706af563a7288.min.js
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.885bc75706af563a7288.min.js
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6eeba7d41a74f215acdecfb35980cdf37fbba10119b999992fb4f79e9cd16e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
2251
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FjTYmFX602Psn9353KylPs%2F13%2B94tF0jaK0TDZvIuRVKBHwd%2BB6vFK13Q2OrDk0Wj%2FaF6kCXwKX6Z8d2cNDnEsOeS%2FONOld6z6U7Lesbs4NYtsRfyh4K3k1sczYQ8AuwVSmIM%2BuHInZZ16VSwnhSOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c83399cdd145c2c-FRA
thetruedefender.com.1229464.es6.js
jsc.mgid.com/t/h/ 		242 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ce7903d938e7354183e90e6494a5f52749f8fb7a6a432224b87df818919db2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
age
3974
last-modified
Thu, 02 Dec 2021 17:02:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
ED444KAJB42FQP1V
x-amz-id-2
1Vx8XZFnMmkzWR+Ka0LnUZrJZlbF0BqSL/c69MjnXQTRn1rkttl63O/T2CSW6KLwmJHHFRActHA=
cf-bgj
minify
server
cloudflare
etag
W/"e72aa93ead576c23423a674cade83906"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c83399cfd964e1f-FRA
expires
Tue, 04 Jan 2022 11:51:26 GMT
thetruedefender.com.1229463.es6.js
jsc.mgid.com/t/h/ 		244 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71ff347b718f921dccea0aa5a74a83dc47dd0f6d282fa496a9a2666c3dc72c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
age
2434
last-modified
Thu, 02 Dec 2021 17:03:11 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
ED44HE4B765N2247
x-amz-id-2
32ISHP30gUUj6gM+7QloTLQA3f3D5+rSR0ZlrjlGX/ZShty+rNXASwqErHMJVtIV/9K+eXx6/r8=
cf-bgj
minify
server
cloudflare
etag
W/"8ff3975ec1c4d902aa00acb9972cd6f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c83399cfd9b4e1f-FRA
expires
Tue, 04 Jan 2022 11:51:26 GMT
mgWidget_1.11.65.js
cdn.mgid.com/js/wglibs/ 		359 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46480d7c4b292a057462dc9b7c854504a5807063e2788de35245b56b7385b4b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
age
2803
last-modified
Tue, 30 Nov 2021 12:20:18 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
YQSHFCFW62JSZGCK
x-amz-id-2
YvRDd7o4epooJgBLVwmQjXyWLeMdbfcYbE7Sk9M7BI1wYLZQrGRPPGwUMxDv7zdvdbgxX1i15gw=
cf-bgj
minify
server
cloudflare
etag
W/"908bfbb7928e4c9194c6855956b791fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6c83399cfd2d43b8-FRA
expires
Wed, 05 Jan 2022 08:51:26 GMT
thetruedefender.com.1229983.es6.js
jsc.mgid.com/t/h/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6cb0f5e2652428d28bc89a7ee2bbb5bff7f695539f18b381b1ce1421691737

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:26 GMT
content-encoding
br
cf-cache-status
HIT
age
3974
last-modified
Thu, 02 Dec 2021 17:07:54 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
ED4DJTPH9YE7MEW7
x-amz-id-2
s23rkiHT86aMIHHUGTuuVffQqqmScfpnfDC8r9YYLzFgoJUMvsp70aDIICWspI5XZPFNpy+c208=
cf-bgj
minify
server
cloudflare
etag
W/"27d61387feb6708781d29b1b11deee3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c83399cfd9e4e1f-FRA
expires
Tue, 04 Jan 2022 11:51:26 GMT
sjs.js
cdn1.lockerdomecdn.com/embeds/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9600:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4cc6696aa07f6d30c40b78120630256a4dc0253fa916d6f8662874c52c31bfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
JlrJxrw4PUHBe5vaYNP.8A_1stk_uR92
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 02:51:44 GMT
server
AmazonS3
age
14637
etag
"1be285356b5d9ac3d0319cc622757910"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 04 Jan 2022 05:01:04 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
17333
x-amz-cf-id
tstkU6EkxRXRjqKM4eAX75DaHD2V2tDBFu0DM91Eia-giWIIG1TAFA==
/
geoip.instiengage.com/json/ 		242 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash
61592100d3a35933fdb0d11ace2195e438821177da3f5c653005d1347122c380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:27 GMT
access-control-allow-credentials
true
x-database-date
Mon, 03 Jan 2022 15:40:32 GMT
content-length
242
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 1296 		73 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:9000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
content-length
73
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges
bytes
server
AmazonS3
date
Tue, 04 Jan 2022 08:48:13 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache
Hit from cloudfront
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
3rH7VWNzLlf23TBACZOKV1G-TOYNzWHDdn4AGmq_QULYH3olUK9-Rw==
age
198
entities
users.api.jeeng.com/ 		145 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=5.6&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6db53035915bc97c6b3f3617171d976ff4478e060426db6061b404a1e8321389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
via
1.1 fbc8210d21f6d43d0666226a15960b78.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
MXP63-P3
x-powered-by
Express
x-cache
Miss from cloudfront
content-encoding
gzip
server
cloudflare
etag
W/"91-FeGRZBVZX6RLYiprrToNEeRogBs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
79adad9119ab675ba94428a001c7753b
cache-control
max-age=3600
cf-ray
6c83399d5aa70e1a-MXP
x-amz-cf-id
CflRxqaygaZM7_2Cv1lKCGKg8A-qLFcw6mPTdkLFCzr6GTk12vTVfQ==
01552dc04c1d234a01413add9d8d09cd
secure.gravatar.com/avatar/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5fbe9ba88d92aaa1bd6b215881e3a4e52ab4af2138d1907c2b84d28adfbe487

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT mxp 3
date
Tue, 04 Jan 2022 08:51:26 GMT
last-modified
Wed, 17 Feb 2021 14:09:30 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="01552dc04c1d234a01413add9d8d09cd.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g>; rel="canonical"
content-length
39868
expires
Tue, 04 Jan 2022 08:56:26 GMT
hypatia-h_eeaebd03a23c458199758153559f4e00-h_6fcd0548f5564f73592024a76c5a419a-300-scaled-1.jpg
i0.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/01/hypatia-h_eeaebd03a23c458199758153559f4e00-h_6fcd0548f5564f73592024a76c5a419a-300-scaled-1.jpg?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
dc027f2c4edbc70d2839f0b120e3d20efb0052f03de66f0e562a4d3cccbe0915
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 00:37:58 GMT
server
nginx
etag
"7ab641c3ef5b866f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/hypatia-h_eeaebd03a23c458199758153559f4e00-h_6fcd0548f5564f73592024a76c5a419a-300-scaled-1.jpg>; rel="canonical"
content-length
3750
expires
Thu, 04 Jan 2024 12:37:58 GMT
Capture-25.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-25.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
888afa7d08220092b0c5c29bfccd822fe5ff96130a52bab449d8b124ab6803e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 00:37:58 GMT
server
nginx
etag
"3ba58a545c228822"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-25.png>; rel="canonical"
content-length
34604
expires
Thu, 04 Jan 2024 12:37:58 GMT
Capture-24.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-24.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d96f1ea31229457e5c813aabdcee8aff59a9d7caa01053dd613b275686f2e1cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 00:01:37 GMT
server
nginx
etag
"513c42bd7eef5f9b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-24.png>; rel="canonical"
content-length
38626
expires
Thu, 04 Jan 2024 12:01:37 GMT
Capture-23.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-23.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6400110d901dd6fea8969702f4ebbc3615aef26cdd399b279dca430da431b799
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Jan 2022 23:57:30 GMT
server
nginx
etag
"85965b77cd5c6160"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-23.png>; rel="canonical"
content-length
37794
expires
Thu, 04 Jan 2024 11:57:30 GMT
Capture-22.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-22.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
57f12b132699d37ffc44ba1c3b4af922cfed01212b24539fe14ba59c4a8c5827
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Jan 2022 23:42:57 GMT
server
nginx
etag
"2114ef63b987b35d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/01/Capture-22.png>; rel="canonical"
content-length
35722
expires
Thu, 04 Jan 2024 11:42:57 GMT
/
geoip.insticator.com/json/ 		242 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.19.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-19-43.compute-1.amazonaws.com
Software
/
Resource Hash
61592100d3a35933fdb0d11ace2195e438821177da3f5c653005d1347122c380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:27 GMT
access-control-allow-credentials
true
x-database-date
Mon, 03 Jan 2022 15:40:32 GMT
content-length
242
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 39E0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.94.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-94-83.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
a9f75058-9fe8-4952-8445-a19040619dcd
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
bb28d960-28c3-46bc-ac88-49bbb3388212.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		261 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4200:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3061fc5c79e2cf7d042c38f65a0b2f6f5dc0dc69bf9e23a701408c377db2ed3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
y_c31_Sy5jRkscA0ank4lgtpz7J_7.cC
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 06:30:55 GMT
server
AmazonS3
age
5089
etag
W/"244155a117deba5753f24d9e94651e90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
date
Tue, 04 Jan 2022 07:45:52 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
i8gKr842X8wzI59BktFDkW2Z34v-X3z1fG9Ann0X9mW-Kci_QlQSWA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ac0bd9ccf76dab801b622a469ce0fd0959a1b359f3eae79c0c8d816285014ea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 17:49:57 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-32dd5-5d3aba23180c8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=83830
accept-ranges
bytes
content-type
text/javascript
content-length
65426
expires
Wed, 05 Jan 2022 08:08:37 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		535 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c99b41e7d1526794ed3793c08b551e49dba7f00639c6e26ff11775db8ccba94f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:27 GMT
Content-Encoding
gzip
Age
2377
X-Cache
HIT
Connection
keep-alive
Content-Length
78012
x-amz-id-2
EEDiT8baG+mWdquWx9O4N0CpGoPa2+LVTm47vJK0DnxK0Q277Uh97SSk3QGBtC7OS16ITlqgQog=
X-Served-By
cache-cdg20737-CDG
Last-Modified
Tue, 04 Jan 2022 07:51:30 GMT
Server
AmazonS3
X-Timer
S1641286287.069876,VS0,VE0
ETag
"2ee3711a4e85072aeb6403982a11af17"
x-amz-request-id
NP32JK69AMS04S0K
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
77
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
21637
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 04 Jan 2022 02:50:51 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
gSnRH19YE8vYQo-XL-fcyyHUylsG26N3K2bZ5f5dkEJe6f9gmkIH3w==
13997836195017830
lockerdome.com/lad/ Frame 2C79 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Tue, 04 Jan 2022 08:51:27 GMT
14009642120598886
lockerdome.com/lad/ Frame 7422 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14009642120598886?pubid=ld-2652-7251&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Tue, 04 Jan 2022 08:51:27 GMT
bundle.js
auth.instiengage.com/auth/ Frame 1296 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:9000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 14:58:37 GMT
server
AmazonS3
age
255
etag
W/"3f019eeba204464fe4c8dad30cf9150b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
date
Tue, 04 Jan 2022 08:47:58 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
SgId4tiPV4e6CAU587biD7-D88frfy7lM9LBb1JRgT1AtgblGWqR7Q==
14447308783736934
lockerdome.com/lad/ Frame CA5C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Tue, 04 Jan 2022 08:51:27 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 19:03:29 GMT
via
1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront), 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
age
49678
x-amzn-requestid
06ef4a8d-5d95-434f-81f3-3eeceb1f9c68
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA56-P5
x-amz-apigw-id
LYhETGY9iYcFV1A=
content-length
555
x-amz-cf-id
Iww7NPvryfqNCPch5IA_YT7na3YSomxN00_aZyZSzz85JWVmcuIcMg==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
74559
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 03 Jan 2022 12:08:49 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
3qw3lQOIEhL9j_RR02ispbBuTYmUTHuhASxFuN5pAUcNfhop4V0axQ==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1573
date
Tue, 04 Jan 2022 08:51:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=PUYqQnxtenduUUgzQ0N2Z2xlWU5FbGlzekY1SlpDdkRhK1YveXlVOGl5Y0VHWGxGY0V4dE1HWnR4NEJZbkJMWFFHNGRiOGlWczJxZFo1WTFodDdxUDJyYXpobTkyckpyYitmejVrbGNmY2RTcmQ2VC9WT0k2N3h3TEt4TH...
347 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PUYqQnxtenduUUgzQ0N2Z2xlWU5FbGlzekY1SlpDdkRhK1YveXlVOGl5Y0VHWGxGY0V4dE1HWnR4NEJZbkJMWFFHNGRiOGlWczJxZFo1WTFodDdxUDJyYXpobTkyckpyYitmejVrbGNmY2RTcmQ2VC9WT0k2N3h3TEt4THZKSTg4RDZuc3dwL04vTW1HUW9tNExPZnVnZjdaNWRPcER1NXgveVl6dU8rU2FkR29HazFRbkNydFRPVmtCZWgvQzdENHhEMXBxUUYvelpYZDhHRUsvMXBtUWoxaXBsenkzQnQzWkhWVmtOUnBTL2hWa3lHV1dCeEdQSEd3MG80aURzaVZadHZBfA&cppv=2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a1949aedbf6964387c7d829ac236561f21b19908617c6b4343016e89e3bb7d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2768
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:26 GMT
location
https://mug.criteo.com/sid?cpp=PUYqQnxtenduUUgzQ0N2Z2xlWU5FbGlzekY1SlpDdkRhK1YveXlVOGl5Y0VHWGxGY0V4dE1HWnR4NEJZbkJMWFFHNGRiOGlWczJxZFo1WTFodDdxUDJyYXpobTkyckpyYitmejVrbGNmY2RTcmQ2VC9WT0k2N3h3TEt4THZKSTg4RDZuc3dwL04vTW1HUW9tNExPZnVnZjdaNWRPcER1NXgveVl6dU8rU2FkR29HazFRbkNydFRPVmtCZWgvQzdENHhEMXBxUUYvelpYZDhHRUsvMXBtUWoxaXBsenkzQnQzWkhWVmtOUnBTL2hWa3lHV1dCeEdQSEd3MG80aURzaVZadHZBfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2078
content-length
509
expires
0
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/ 		189 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:27 GMT
Content-Encoding
gzip
Age
284
X-Cache
HIT
Connection
keep-alive
Content-Length
61460
x-amz-id-2
W7XJY6swrisomyWju+PT8GqF32h9RFEXT8zYyLwRzGYsnq9+0mh6I9edt8LusyWZrpZVrXTaVZM=
X-Served-By
cache-cdg20737-CDG
Last-Modified
Thu, 02 Dec 2021 17:00:39 GMT
Server
AmazonS3
X-Timer
S1641286287.138773,VS0,VE0
ETag
"0bad6e8b774e2623401e436c2a44f48e"
x-amz-request-id
VAQ5QBSSJJKQQWVH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
332
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PUYqQnxtenduUUgzQ0N2Z2xlWU5FbGlzekY1SlpDdkRhK1YveXlVOGl5Y0VHWGxGY0V4dE1HWnR4NEJZbkJMWFFHNGRiOGlWczJxZFo1WTFodDdxUDJyYXpobTkyckpyYitmejVrbGNmY2RTcmQ2VC9WT0k2N3h3TEt4THZKSTg4RDZuc3dwL04vTW1HUW9tNExPZnVnZjdaNWRPcER1NXgveVl6dU8rU2FkR29HazFRbkNydFRPVmtCZWgvQzdENHhEMXBxUUYvelpYZDhHRUsvMXBtUWoxaXBsenkzQnQzWkhWVmtOUnBTL2hWa3lHV1dCeEdQSEd3MG80aURzaVZadHZBfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1227
date
Tue, 04 Jan 2022 08:51:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://auth.instiengage.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://auth.instiengage.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
token
eua.instiengage.com/v1/auth/ Frame 1296 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash
09fa34da7cec5d858d80284c9af6471ccabff92d300773348163f66ae5d092b8

Request headers

Referer
https://auth.instiengage.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Tue, 04 Jan 2022 08:51:27 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
search
public-api.wordpress.com/rest/v1.3/sites/189343063/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/rest/v1.3/sites/189343063/search?aggregations%5Btaxonomy_0%5D%5Bterms%5D%5Bfield%5D=category.slug_slash_name&aggregations%5Btaxonomy_0%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bfield%5D=tag.slug_slash_name&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Bdate_histogram_2%5D%5Bdate_histogram%5D%5Bfield%5D=date&aggregations%5Bdate_histogram_2%5D%5Bdate_histogram%5D%5Binterval%5D=year&fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=has.image&fields%5B6%5D=shortcode_types&fields%5B7%5D=image.url.raw&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.885bc75706af563a7288.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc95f9573545bb30227f96003e963175244316e7d027043423a2e41686cb4119
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-hacker
Oh, Awesome: Opossum
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
false
x-ac
1.hhn _dfw
strict-transport-security
max-age=15552000
host-header
WordPress.com
expires
Wed, 11 Jan 1984 05:00:00 GMT
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-length
0
vary
Origin, Access-Control-Request-Headers
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type
access-control-max-age
3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8339a0189459b9-MXP
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=373aa896-2215-474d-893d-677b6105f443&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=c687d2ce-49d5-4cad-9fcc-0daa2d7dcce4&w=320&h=50
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:27 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C%2C%2C&eids=&pubcid=373aa896-2215-474d-893d-677b6105f443&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=c687d2ce-49d5-4cad-9fcc-0daa2d7dcce4&w=320&h=50
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:27 GMT
access-control-allow-credentials
true
connection
close
hb
ssc.33across.com/api/v1/ 		65 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f4ad03f915f1e076b83dbd5a6763ddf515db952f313322c91ddd65b5375e813d

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d1d1159b19e8ddffae8dd69cd2af6ba630082dc30a3da0ad4b5366c4e5a81d0d

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
hb.emxdgt.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1641286287306&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
ROS
ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/25987/1/thetruedefender.com/ROS?rnd=0.9970621050314503&e=300x250_0%3A300x250%2C320x50%2C336x280%2C320x100%2B300x250_1%3A300x250%2C320x50%2C336x280%2C320x100&ur=...
  • https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.9970621050314503&e=300x250_0%3A300x250%2C320x50%2C336x280%2C320x100%2B300x250_1%3A300x250%2C320x50%2C336x280%2C3...
663 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.9970621050314503&e=300x250_0%3A300x250%2C320x50%2C336x280%2C320x100%2B300x250_1%3A300x250%2C320x50%2C336x280%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
150d23aa61516aa3cf835518a4e9437b39809b925983a8c8808246af54ad79ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://thetruedefender.com
expires
Tue, 04 Jan 2022 08:51:27 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
663
x-sid
AMS-610

Redirect headers

date
Tue, 04 Jan 2022 08:51:27 GMT
server
openresty
access-control-allow-origin
https://thetruedefender.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.9970621050314503&e=300x250_0%3A300x250%2C320x50%2C336x280%2C320x100%2B300x250_1%3A300x250%2C320x50%2C336x280%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&pbv=4.43.4&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-610
mvo
tag.1rx.io/rmp/213651/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ 		19 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:27 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f453c646-0b29-469f-9332-ca2aea52dea6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		116 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22202a2a9407a62c3%22%3A%22925297bfa73ea1d1480f%7C320x50%2C336x280%2C300x250%2C320x100%22%2C%2221a0f3ea07a534c%22%3A%22e39607ea179adf617233%7C320x50%2C336x280%2C300x250%2C320x100%22%7D&ref=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&s=67ff0799-c3c9-4b2e-9d67-aad1934ce088&pv=a6e41344-439d-4ee8-a25d-e1b6615bbb2c&vp=desktop&lib_name=prebid&lib_v=4.43.4&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%229ccc38e7-6410-49a8-8d63-8c284952d1a9%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22373aa896-2215-474d-893d-677b6105f443%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22373aa896-2215-474d-893d-677b6105f443%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
c1cf26a25365c6e727301ebd9f54b5ae78a90e75d303b11965dea78a53cf0791
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:27 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
129
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
ex.ingage.tech/v1/ 		2 KB
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82dca79ce680ae96c0e8b76b86658a739b6c1685c2a88f0355ede2b82fa1c83

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6c8339a1ed293747-MXP
bid
ap.lijit.com/rtb/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
dfb86c8635e10135e1dd83eca724042accea2209434a6b189d2475842df2228e

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 04 Jan 2022 08:51:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thetruedefender.com
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
dc.js
stats.g.doubleclick.net/ Frame 2C79 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4316
date
Tue, 04 Jan 2022 07:39:31 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 04 Jan 2022 09:39:31 GMT
dc.js
stats.g.doubleclick.net/ Frame 7422 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-2652-7251&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4316
date
Tue, 04 Jan 2022 07:39:31 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 04 Jan 2022 09:39:31 GMT
dc.js
stats.g.doubleclick.net/ Frame CA5C 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4316
date
Tue, 04 Jan 2022 07:39:31 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Tue, 04 Jan 2022 09:39:31 GMT
lightbox.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ Frame 0545 		326 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1641286287480&lv=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e905c066c86990edffd66350e30796b4795df204c7733d1160fcbed40eaa8549

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Jan 2022 08:04:48 GMT
server
cloudflare
age
2799
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
6c8339a0d89bf91b-MXP
cf-bgj
minify
user.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ Frame 0545 		1 MB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637764896418514587
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1641286287480&lv=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f74e17624065f7d697afc86850bca0c9002371903ba73b5db27a70d1357c56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
ncAWJ+OMHrF9waVhmVV05w==
age
392807
cf-polished
origSize=1872635
last-modified
Wed, 01 Dec 2021 17:48:22 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
93cb5fec-801e-005c-43b5-fde9c9000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
6c8339a0f8dbf91b-MXP
expires
Wed, 04 Jan 2023 08:51:27 GMT
/
c.mgid.com/pv/ 		0
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1641286287544485459795&uniqId=0e1c7&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&sessionId=61d40a90-13a90&pageView=1&pvid=17e244940b88670580c&site=674711&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c8339a13ef543b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Capture-294.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Capture-294.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e7e7b7b5a058930a53c3e2b86ecd46b60a40a6cbdc4adc354f48b0ce205d7b55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 12:06:41 GMT
server
nginx
etag
"658f2a598827c34b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/11/Capture-294.png>; rel="canonical"
content-length
223912
expires
Sun, 10 Dec 2023 00:06:41 GMT
Capture-125.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-125.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b2539f6f9db483523855e6d68398dae5941fd59c5996bf93043abdc91b320d25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Dec 2021 05:12:18 GMT
server
nginx
etag
"193ef5f7d0850fa5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-125.png>; rel="canonical"
content-length
213448
expires
Mon, 18 Dec 2023 17:12:18 GMT
Capture-168.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-168.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
144dc8356ddfa157a0f63fd00a3cbc33f41d367297925cc7f08a5c6a57410249
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Dec 2021 09:09:39 GMT
server
nginx
etag
"62480e7ba1e0ba96"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-168.png>; rel="canonical"
content-length
221572
expires
Mon, 18 Dec 2023 21:09:39 GMT
Capture-39.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		218 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-39.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5079a5f622e56fb5ffb7dc33e18e18f7ea375afd14fbf7bfe038749658ac5cb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 12:12:58 GMT
server
nginx
etag
"1b0727f99a3c7b36"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-39.png>; rel="canonical"
content-length
222874
expires
Sun, 10 Dec 2023 00:12:58 GMT
Untitledrtgfjrn-75.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitledrtgfjrn-75.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
38fe6cfbde5b18ce416177a64e004c422e5dbf91e757c0c58c68c92439a31f73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 13:31:38 GMT
server
nginx
etag
"c77800d654b22321"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/11/Untitledrtgfjrn-75.png>; rel="canonical"
content-length
183704
expires
Sun, 10 Dec 2023 01:31:38 GMT
Untitledrtgfjrn-34.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitledrtgfjrn-34.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
a29f6b1c161c732bfbb78a1cf4b1802997ad6fd7e2d88089c5a0810fb825b398
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 20:50:29 GMT
server
nginx
etag
"22f449442e8ac90e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/11/Untitledrtgfjrn-34.png>; rel="canonical"
content-length
180948
expires
Sun, 10 Dec 2023 08:50:29 GMT
Capture-128.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/12/Capture-128.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
36924f7449ae9cf1935fdba5aa63868a40888c8a1d92157d1fa64cdf005df47c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Dec 2021 17:29:50 GMT
server
nginx
etag
"34704afda6dbd068"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2021/12/Capture-128.png>; rel="canonical"
content-length
262310
expires
Sat, 16 Dec 2023 05:29:50 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
HIT
age
2808
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c8339a16dd24e1f-FRA
expires
Wed, 05 Jan 2022 08:51:27 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
HIT
age
2829
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c8339a16dd44e1f-FRA
expires
Wed, 05 Jan 2022 08:51:27 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637739777016939544
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637764896418514587
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
482226
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
1ee267c8-801e-003a-6adf-e65b93000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
6c8339a1c9b5f91b-MXP
expires
Wed, 04 Jan 2023 08:51:27 GMT
z
lightboxapi.azurewebsites.net/z9gd/43726/thetruedefender.com/jsonp/ 		540 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/43726/thetruedefender.com/jsonp/z?cb=1641286287643&callback=jQuery1710650231283072455_1641286287631&_=1641286287644
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637764896418514587
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7bcaaa6c08a536b218722578e5daa4dbdcc4fd030c8ced158850367fbc513b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1641286287637&h=thetruedefender.com&e=p&u=43726
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
376825
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
3715a971-d01e-00ca-3bd5-37c60c000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6c8339a1d9bdf91b-MXP
cf-bgj
imgq:85,h2pri
1
servicer.mgid.com/1229983/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229983/1?pv=5&cbuster=1641286287674356023738&uniqId=0e1c7&niet=4g&nisd=false&jsv=es6&w=307&h=1319&p3_w=304&p3_h=238&maxw_3=304&maxh_3=238&cols=1&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&sessionId=61d40a90-13a90&pageView=1&pvid=17e244940b88670580c&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29ef9c5435338729cb9e7cc5807b5a54390ca0d95cd5e57ba42c35aa1d70f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c8339a2093f43b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1229464/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229464/1?w=720&h=311&cols=2&pv=5&cbuster=1641286287675772301634&uniqId=09944&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&sessionId=61d40a90-13a90&pageView=0&pvid=17e244940b88670580c&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2fc98434f7d83aae9f8ff231b335d68afa7fa5962c78b128d4f5ae569a97ede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c8339a2094543b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1229463/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229463/1?w=720&h=2926&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1641286287677752080079&uniqId=00312&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&sessionId=61d40a90-13a90&pageView=0&pvid=17e244940b88670580c&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa809d7dfabbc5894008b2860a975909c5e75e5eea74d95ee2cf5f68f955dab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c8339a2094343b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTU3MzZiMDY2YTBjYWY2Y...
s-img.mgid.com/g/11533332/492x277/-/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533332/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTU3MzZiMDY2YTBjYWY2YjgxMWIwZWJhYzE5MzQ5ZDcuanBlZw.webp?v=1641286287-WQ0ao0pB_H44bJo2sj8ioEAoDCOXPuIzn9iMCPID5Os
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efac6221aec4856fc727a6d78317aade65bfe7c4db3513fd1b4a39e96874da6

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:55 GMT
x-mg-request-uuid
c9cc870a-0d51-4de5-a5a7-deca48fe73b1
age
2087814
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a299f68ba5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25154
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzA1Mjc2ZjVkNWRkZWQxODgwYmMyNDEyZTU4ZTRhOWVlLmpwZWc.webp
s-img.mgid.com/g/3805641/492x277/83x0x1919x1279/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805641/492x277/83x0x1919x1279/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzA1Mjc2ZjVkNWRkZWQxODgwYmMyNDEyZTU4ZTRhOWVlLmpwZWc.webp?v=1641286287-qKhZqlQdxPpj9BlNIslWN0YxYTHiXevPEpa4Kqmw2oI
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aac8b62de57512270a81246d51d63e227f7e33941c3f02ca5ba8d09e57d07f33

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:32 GMT
x-mg-request-uuid
7daa784c-d0c5-419b-ad98-01193bc18320
age
4300422
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a299f98ba5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9340
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp
s-img.mgid.com/g/8164919/492x277/0x89x598x398/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164919/492x277/0x89x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp?v=1641286287-ObXpylkuQRPRfkKOga0ZZ7bi1OWGQOHQ-XoSOvwJtos
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02810e956d84641218d016effe7678e6029cf304707c5adb1850eed9f196eeb6

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:50:27 GMT
x-mg-request-uuid
1ca5ceae-a217-4a99-8f3a-ea0da634d123
age
1189012
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a299fc8ba5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23250
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2F0dXJhdGlvbjo0MCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF84OTYseV8xMzE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZ...
s-img.mgid.com/g/11739852/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2F0dXJhdGlvbjo0MCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF84OTYseV8xMzE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZmM2MTFlODU0ODQ3Njc1Yjk3MzM3MDdiMGQ4MjQwMy5qcGVn.webp?v=1641286287-7G1NgxE7QJg-uFJB3XBZ4t26OZXlNAY694F2wwWw7ag
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d17817c1ea0611ea15af93023466823589e08ea692112c57f6c44b0a3cd77e1

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
79360e25-5bd5-456d-935b-ab7ab98050ca
age
83611
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a299fe8ba5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14188
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2ZjN2ViOTIwMTgzY2VmOGUyMDIzMDQ4OTYxMzlkZDI2LmpwZWc.webp
s-img.mgid.com/g/11533470/492x277/0x35x751x500/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533470/492x277/0x35x751x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2ZjN2ViOTIwMTgzY2VmOGUyMDIzMDQ4OTYxMzlkZDI2LmpwZWc.webp?v=1641286287--TnIleWUhMqmLxO8lFztHiOD5WpLR687uCessP4n_5Y
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3e6fcd6bcc165def5d7e6a10390a3be7bcbad42dbede13c4d16b4e5ea9dd99

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:34:39 GMT
x-mg-request-uuid
396f2d48-d41d-4859-ac55-415b67274b69
age
1642823
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a29a018ba5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9078
server
cloudflare
82ca0152-0a92-4175-bac5-63889a43274b.js
product.instiengage.com/ceu-code/ Frame D9CA 		358 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:9000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74ea4323119d2cca8e06e14e1bcaf5a9fd3deb72abae95b0d5e40cf4c6ed3028

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
FhwVBlUd.hKT6eg8rJxFoi8YhwFGlJDg
content-encoding
gzip
last-modified
Fri, 17 Dec 2021 17:16:48 GMT
server
AmazonS3
age
568
etag
W/"7ddc0702d2f32756140e955d4796e52b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Tue, 04 Jan 2022 08:42:24 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
OxmwZifJWLSp8oeq1pPaMs0K2mBOXmahV2P6twOCVN0mPKb2vR23JQ==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzcyZjhjOWRkYTZlN2ExZWU2MGFjYTU3N2YwNjBmMDFjLmpwZWc.webp
s-img.mgid.com/g/3860766/492x277/0x13x750x500/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3860766/492x277/0x13x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzcyZjhjOWRkYTZlN2ExZWU2MGFjYTU3N2YwNjBmMDFjLmpwZWc.webp?v=1641286287-1gZj_p0FFPaoLogu2WjxYeZsoO8QfElHz1iqx5y5ue4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35e1c057e26849dbf777e7f8d5baec6ad67a3a0305a6d24045c38d9bf037758

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:50 GMT
x-mg-request-uuid
cca653c0-f20c-48ed-a2b3-0c68df466c5f
age
1191540
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a29a048ba5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11974
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzU3ZTFkODk0MTY2MjBiMGVmYjZmYjJmOWRiM2U4YTkxLmpwZWc.webp
s-img.mgid.com/g/3864259/492x277/0x30x750x500/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3864259/492x277/0x30x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzU3ZTFkODk0MTY2MjBiMGVmYjZmYjJmOWRiM2U4YTkxLmpwZWc.webp?v=1641286287-rUesj06RE_FjADaXkpoqn3WgzUGbNWzjnZvdugL7mqc
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc7d5c866f5fa13297461243c843c6bc60da7a8a81496dc4c13881308dbfc55

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:19 GMT
x-mg-request-uuid
c625e2e9-c405-4a99-b372-acd09865f1ef
age
91781
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a2e988089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31194
server
cloudflare
i.js
cm.mgid.com/ 		0
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1641286287787760202053
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c8339a2bad443b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame A2E1 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1641286287805347676553
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c8339a2caf543b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame D9CA 		4 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 07:25:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 04 Jan 2022 08:51:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jan 2022 08:51:27 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame D9CA 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2789032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T18ZEX77RD27CDYE
x-amz-id-2
T58iHULcUdkMQD+RVZl3jyWk3K1douVqFmqvJsBQw125eugLjMbTUwjESb13yVpVQZDT4I1k4Ko=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd%2FE9WEIQhSYeNwVVekCa%2F%2FTfmPdygHz09%2FvHcZ%2BvNsaSG%2FKb4ptL2FH0GQ%2FXBSYansHIJiE1I8vOilrJ6nT3BkuGb%2FrB%2B%2FTng%2FACNCfgYUZxxBEvp4HKuDxw5W7QfeDB%2BBsbNb7nPYoOcD5eVNYEu%2BM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6c8339a3a80b59ad-MXP
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=103144254&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&dp=%2Fbb28d960-28c3-46bc-ac88-49bbb3388212&ul=en-us&de=UTF-8&dt=CDC%20Withdraws%20Use%20Of%20PCR%20Test%20For%20C-19%20And%20Confessed%20It%20Cannot%20Differentiate%20Between%20The%20Flu%20And%20C-19%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUIhAAAAAC~&jid=788098246&gjid=1299222685&cid=2051100181.1641286287&tid=UA-123718506-11&_gid=1668156097.1641286287&_r=1&_slc=1&z=149753269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame D9CA 		242 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash
61592100d3a35933fdb0d11ace2195e438821177da3f5c653005d1347122c380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:27 GMT
access-control-allow-credentials
true
x-database-date
Mon, 03 Jan 2022 15:40:32 GMT
content-length
242
vary
Origin
content-type
application/json
event
event.instiengage.com/v1/ Frame D9CA 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:28 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame D9CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
440
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 04 Jan 2022 08:47:10 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2129
x-amz-cf-id
Ga5Xt-q8_bn8Uc2ZkVsVfAWbBVbrCdgplG1POxj7a0Z3yfm9L_gTUQ==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame D9CA 		649 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
514
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 04 Jan 2022 08:47:51 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
649
x-amz-cf-id
PuGOcckjpp58J6d4tqwSvmP4_FKdmuNE__psx2aTCl2Hg1sa37vZDg==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame D9CA 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
age
316
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 04 Jan 2022 08:47:51 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
4833
x-amz-cf-id
MjlWZr1A3KJf2kJdhK9B7VGVYSfwS9OGTyABqSFRyVhwZ0nZ65qY7A==
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123718506-11&cid=2051100181.1641286287&jid=788098246&gjid=1299222685&_gid=1668156097.1641286287&_u=aHDAAUIhAAAAAC~&z=1979459116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 04 Jan 2022 08:51:27 GMT
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1091 / 574 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jan 2022 08:51:27 GMT
/
track.adform.net/adfscript/ Frame 18A7
Redirect Chain
  • https://aws-fr.bidswitch.net/imp/0.0555/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R46150692_Qrtbwp_R_I_WAUCTION__PRICE_X-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0_Qrtbdata_RlP4vi3ASJDMVKgLCxZCxCkj6__...
  • https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=lP4vi3ASJDMVKgLCxZCxCkj6_6rCLicrWpw-lPnKc2K9j8lD6yfdPafa4Q4MpU7DyZKO4obra7YJKY97RFy97CI7WfNy7H...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=lP4vi3ASJDMVKgLCxZCxCkj6_6rCLicrWpw-lPnKc2K9j8lD6yfdPafa4Q4MpU7DyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezcTCjsgWIB8Kmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG_VwI8IBe_Nc0;OOBClickTrack=
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6c125c2cd698835d8e25d23769e3c58645b59ac951d7e04d940c89928085c865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
924
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=lP4vi3ASJDMVKgLCxZCxCkj6_6rCLicrWpw-lPnKc2K9j8lD6yfdPafa4Q4MpU7DyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezcTCjsgWIB8Kmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG_VwI8IBe_Nc0;OOBClickTrack=
date
Tue, 04 Jan 2022 08:51:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame 18A7
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=fmx&dsp_id=70&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=fmx&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5648732318522358521&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
moatad.js
z.moatads.com/iponweb503341958152/ Frame 18A7 		317 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/iponweb503341958152/moatad.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
50803e8866e13bcb855c543d26af18d7446c84ea73137931c16d431610095a72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 16:31:01 GMT
server
AmazonS3
x-amz-request-id
G85A5M944R9XCHQG
etag
"44469f1673ee881c37359029e148bf9d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43101
accept-ranges
bytes
content-length
108747
x-amz-id-2
Tyt5BCtwGYCD9zpktTqkTQ//rLpe2aiQLC1FTXLqmf4r3afxnTfua/t3F2Q/OMfwOsGYCVEO2lw=
sovrn.containertag.new.min.js
vap3ams1.lijit.com/res/ Frame 18A7 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vap3ams1.lijit.com/res/sovrn.containertag.new.min.js?cid=3&zid=754915&v=4&tid=a_754915_c138cf2ce20b4ba99b5e906fe3732b65&gdpr_flag=&loc=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
13c54512e0580d6f45587d9407dd0503aaaf6e825705b2c91bfbef83b1aabd3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6197f23d-ae7e"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap3ams1
t.dhj
pxdrop.lijit.com/1/d/ Frame 18A7 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=thetruedefender.com&pn=%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&pubid=insticatorinc4&v0=257618
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 04 Jan 2022 08:51:28 GMT
impression
vap3ams1.lijit.com/rtb/ Frame 18A7 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap3ams1.lijit.com/rtb/impression?i_data=-sPkNDt5yz-2R3ZSDvqOey-0tuQ_255vDPc9pyZqx4YEgJoAPdUHOvoY6zfDGQOyy2lQgF5vugDHwNezO7CcVs8c4mivIgMhxgWPRIm5RRcT7KH_dAD_yj7lDAkAnjK82p0Osbcf-pr1oFgBUTy70IT4XBHjpI4d8p-yDAFK_EMpN4sSKiMct6aZ0KDEEaXCCeNWLJKUjU5l1ztfDOzQe1vlMtaYNfWeqKJncs7bJ_FxUJJg0Jqkdv31nyW9gt-WJSX1RMmOiR71FEka8h51k1fOYs7XdWMoZLLgH26Ue2Ul1xFEaycD2c9vflFyZgsiMa04Qu5ZlIAABKJLF8z-rSAJX55kKBNJ-tnK7N5ckKYJNAF8Zu3EsymNNHcVFittZA~~&bannerid=40972&campaignid=1769&endpoint=AUCTIONAPI&prebid=prebid_prebid_4.43.4&rtb_tid=69d3b647-556f-4a0f-b118-66540bc7daad&rpid=26&seatid=70&zoneid=754915&tid=a_754915_c138cf2ce20b4ba99b5e906fe3732b65
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
/
track.adform.net/adfscript/ Frame EBDF
Redirect Chain
  • https://aws-fr.bidswitch.net/imp/0.0555/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R46150692_Qrtbwp_R_I_WAUCTION__PRICE_X-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0_Qrtbdata_RH-55N5LJ5xDG__4BEHQXhkXHN0...
  • https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=H-55N5LJ5xDG_4BEHQXhkXHN0N_VLUOJ-xNxQiBopIVrXy6pmCaZG63_9pjPGnmZyZKO4obra7YJKY97RFy97CI7WfNy7H...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=H-55N5LJ5xDG_4BEHQXhkXHN0N_VLUOJ-xNxQiBopIVrXy6pmCaZG63_9pjPGnmZyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezvtd5tOs38FCmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG1szR7M_FxZ50;OOBClickTrack=
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d81207b18eacfc53d1382830982568a2270fbeeb4928eb95c26f0bd75cbb2335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
929
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=H-55N5LJ5xDG_4BEHQXhkXHN0N_VLUOJ-xNxQiBopIVrXy6pmCaZG63_9pjPGnmZyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezvtd5tOs38FCmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG1szR7M_FxZ50;OOBClickTrack=
date
Tue, 04 Jan 2022 08:51:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame EBDF
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=fmx&dsp_id=70&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=fmx&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=54144004503468078&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=c6abe74c-e537-488e-bb99-f0b4a83e6663
Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sovrn.containertag.new.min.js
vap3ams1.lijit.com/res/ Frame EBDF 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vap3ams1.lijit.com/res/sovrn.containertag.new.min.js?cid=3&zid=754915&v=4&tid=a_754915_5039a904fb0b4740832fa19bbc26d539&gdpr_flag=&loc=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
13c54512e0580d6f45587d9407dd0503aaaf6e825705b2c91bfbef83b1aabd3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6197f23d-ae7e"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap3ams1
t.dhj
pxdrop.lijit.com/1/d/ Frame EBDF 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=thetruedefender.com&pn=%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&pubid=insticatorinc4&v0=257618
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 04 Jan 2022 08:51:28 GMT
impression
vap3ams1.lijit.com/rtb/ Frame EBDF 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap3ams1.lijit.com/rtb/impression?i_data=FJc0_56Sko3C1kVGrSjirbJrSDM36BRFAKOa1jdQyg9A0xqIwSl1FDQRvDJtykbhcz58RrVinHyJLvKlYWIgFaUzQX1ynygOzZsu3ehdoLPIr_QMTFLbqGxmy_ponNPcf5D88JDG934hZlz1sxAxvNFw0dPKiqE5k2aXE5Nr_2ndV4glDRaHb8nhjsWHSJWGyTAhTAHY4HLoCGkXfH5NnLw1rqNoJ79wj8zb7OQg8NyfvMdTTU3gMDfT-AdvXlzjiDF_wjE5xjOouwKltFNzHBDLlT1v-rpymN8k5Co2WzN0z7e-AkyDqILNLdBc3R64ltuqMMeGSPNNtmkca8QF9VCZ1PztuhmzRfFDZiky95PXiohZDrPzby8fRCReFua0NA~~&bannerid=40972&campaignid=1769&endpoint=AUCTIONAPI&prebid=prebid_prebid_4.43.4&rtb_tid=52196f57-3c4a-495c-a579-5efa13e3543c&rpid=26&seatid=70&zoneid=754915&tid=a_754915_5039a904fb0b4740832fa19bbc26d539
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
protected-by.clarium.io/ Frame 18A7 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3NvdnJuOjMwMHgyNTA=&v=5&s=v31foi4igjg&id=eyJwcmViaWQiOnsiYWRJZCI6IjM4NWFlOTIwYTc4ZjFhMyIsImNwbSI6MC4wNDEwNywicyI6ImRpdi1pbnN0aWNhdG9yLWFkLTEiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOnNvdnJuOzcwXzQ2MTUwNjkyIiwiYWRvbWFpbiI6Imdhc3Ryb3RpcHBzLmRlIn0%3D&sb=undefined&cb=6212313&h=thetruedefender.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwzTnZkbkp1T2pNd01IZ3lOVEE9Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsic292cm4iXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
protected-by.clarium.io/ Frame EBDF 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L3NvdnJuOjMwMHgyNTA=&v=5&s=v31foi4igl0&id=eyJwcmViaWQiOnsiYWRJZCI6IjM5MmY1MDdjOTNiNjUzNCIsImNwbSI6MC4wNDEwNywicyI6ImRpdi1pbnN0aWNhdG9yLWFkLTIiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOnNvdnJuOzcwXzQ2MTUwNjkyIiwiYWRvbWFpbiI6Imdhc3Ryb3RpcHBzLmRlIn0%3D&sb=undefined&cb=8919933&h=thetruedefender.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwzTnZkbkp1T2pNd01IZ3lOVEE9Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsic292cm4iXSwiaGJfc2l6ZSI6WyIzMDB4MjUwIl19fSwid3IiOjB9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=2051100181.1641286287&jid=788098246&_u=aHDAAUIhAAAAAC~&z=1426950362
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=2051100181.1641286287&jid=788098246&_u=aHDAAUIhAAAAAC~&z=1426950362
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame D9CA 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:36:22 GMT
x-content-type-options
nosniff
age
530106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 05:36:22 GMT
usertracking
b2c.instiengage.com/v3/pages/ Frame 9C89 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.instiengage.com/v3/pages/usertracking
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.96.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-96-225.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
f7ddf729-eabc-490f-992d-65408e1b68ae
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
event
event.insticator.com/v1/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.94.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-94-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:28 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.94.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-94-83.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
065a72457e105102f8a17ce715d02d3d803bd7ed05a9acad86a7b17fa6231a6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 13:39:06 GMT
server
nginx
etag
"9f9c-5cfce6ad8b26d-gzip"
vary
Accept-Encoding
x-cached-since
2021-12-21T12:53:03+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6873
expires
Wed, 21 Dec 2022 12:53:03 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jan 2022 08:51:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		218 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
873671051fb6aa40481649af91d8f0902d94cff27266ec5deba3cd084255b43d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121
x-xss-protection
0
expires
Tue, 04 Jan 2022 08:51:28 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0L2NlNjJmNDU2M2UxMWU1ODhiMjE1MWZkYzlhMzM2ZWVmLmpwZz90PTE0OTY5MjY5NjE0NjI.webp
s-img.mgid.com/g/3805551/492x277/0x0x492x328/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805551/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMDgvMTAxOTI0L2NlNjJmNDU2M2UxMWU1ODhiMjE1MWZkYzlhMzM2ZWVmLmpwZz90PTE0OTY5MjY5NjE0NjI.webp?v=1641286287-XE5A39lHcdEpQgY5YDCSdGqFODsZODoV8OWmlpQPYJ8
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9288eb64577208c33af8319f44f217a7079f59e28a21bc86d1bef6ae0432d359

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:25 GMT
x-mg-request-uuid
97fac73f-ce88-46e3-a1f5-77e77157b773
age
92671
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bc97089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6004
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZ...
s-img.mgid.com/g/11739872/492x277/-/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739872/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvOGMzMTc0MWYzMjg0OWQwZDFhYmE2NTkzNWYyNDNiODgucG5n.webp?v=1641286287-i2bMN6u6vjgn8f92KNE4x8ba5v46ZFb-CQPR2I4j7PU
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
d5b7a68f-305a-46ca-8f91-2fd92359283b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bc9d089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32530
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp
s-img.mgid.com/g/3805431/492x277/0x0x1023x682/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805431/492x277/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp?v=1641286287-bRRlhoumc8xALni00meUz-3LBe4nG8IWokWw96mCgFU
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:27 GMT
x-mg-request-uuid
26c1df82-de66-4a26-b4f1-1c9a59cd6797
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bc9e089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38216
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1641286287-szietJjKbV1hQBICEKwOzFQM6v4bG3ui2HReOvBblqg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
x-mg-request-uuid
01967e53-d7f1-4869-b3b5-67be4b2e54df
age
4121929
cf-polished
qual=85, origFmt=jpeg, origSize=41842
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32968
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bca1089f-CDG
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x277/0x0x758x505/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3944304/492x277/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1641286287-QzB4PGTqvI-hQhq3pnmpuwNj04fj9FaKyc7FeZo9MEc
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecbdc9f1e55d45f2d3bc54332fb50391b3a3bd543e8d8d74af48994d0a471aff

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:50:45 GMT
x-mg-request-uuid
6a46565e-37f3-41f2-bc30-373d9dd16d37
age
54134
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bca4089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20236
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvNjZjOGEyMWJkYzBlODk1Z...
s-img.mgid.com/g/11533494/492x277/-/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533494/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvNjZjOGEyMWJkYzBlODk1ZWQ0NzJhNDMyM2YxMTcxMjcuanBlZw.webp?v=1641286287-HwBjn_o4dNuf5HX_yM_ONUFyMOM2UrUlkaW2SFzUR64
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df455678f8ecfc0a47e0862159525199b376676d4876ff118f9d1c3bd7b62cc

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:35:26 GMT
x-mg-request-uuid
2f2d38b4-6a64-4606-b285-f60b469b4877
age
164941
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bca8089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25192
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZjY4NDk0MDU2MDg5MzIwN...
s-img.mgid.com/g/11739841/492x277/-/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739841/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZjY4NDk0MDU2MDg5MzIwNGYwYWQ3NDkxOGU5NDc1NTAuanBlZw.webp?v=1641286287-qhPiU8VFfmzVt708dYRnUTribu2lBV1qlw5uB6pKsNg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd369a3da69be23d0a862675c6ee71e362404efc35c0c6d8fc8ab2881a01a00f

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
428cdea5-193f-4357-87c7-4b8c7fa77118
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcad089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19852
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc.webp
s-img.mgid.com/g/3931461/492x277/0x65x546x364/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3931461/492x277/0x65x546x364/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc.webp?v=1641286287-xDpMFy8mDXqLj5GSZplkdtJAGgqkic_0vg7hUiYn_aI
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7eeaf3b2d4b426182fd11a371d5e40f4b0841203ce06493d41e05cdc7949356

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:54 GMT
x-mg-request-uuid
ff680f07-acf3-4d86-88e9-b6a947a63fb1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcae089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11060
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZGQxOTJmYmMzM2QxOGI1Y...
s-img.mgid.com/g/11533303/492x277/-/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533303/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZGQxOTJmYmMzM2QxOGI1YzA2MDc4NDMzYTBjN2IzYTYuanBlZw.webp?v=1641286287-wAQkjmTZ95hbgr8SvDFeO0JvGJ_4pL_9BTeTvG7jAQs
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7b08df59ef8bf3dac35d902712b14ad16a76068cb3e5949bb066e09adddc6b

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:47 GMT
x-mg-request-uuid
b1d02765-4f0e-4f27-8049-c7c6d3299651
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcaf089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22980
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMjAzMzQzNDQ0YjliYTA4M...
s-img.mgid.com/g/11533305/492x277/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533305/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMjAzMzQzNDQ0YjliYTA4MDQxNmNhODU3MWY3OGE5NTQuanBlZw.webp?v=1641286287-jdYV0SvQFzS7yWjvtLxrUD4Gr5z3mT02mbgZ5BeTPds
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb17381f3d610dd4fa9e72b50ba423535ba01da0df2af8bfe690f8f8c9dc9171

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 12:24:05 GMT
x-mg-request-uuid
66c60ba5-33b4-4e58-96f3-a54141e48b7a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcb1089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17816
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzM0Njc2YmE2NzgxZDU4YzNhMDI2MTQwNzVjMDliNGQ4LmpwZWc.webp
s-img.mgid.com/g/5523126/492x277/0x289x684x456/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5523126/492x277/0x289x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzM0Njc2YmE2NzgxZDU4YzNhMDI2MTQwNzVjMDliNGQ4LmpwZWc.webp?v=1641286287-SGJhezmDx-OmqmojvbEtAPugeCgZnZiQGOc90Bchh1k
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ee239687f47cfd398414ca4ce4a50014ec75ce6e0085aa8b4640b72293e32c

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:17 GMT
x-mg-request-uuid
659b38f7-bb09-4cc6-8164-4c42b9707268
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcb3089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13236
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzY...
s-img.mgid.com/g/11739843/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739843/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzYmRlZDMxZWFiY2I1NzI0NGIuanBlZw.webp?v=1641286287-XnU4ymDTNn7NnCrgLO8gNIIckdtjYL3bvnJiwSkRbTk
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:35 GMT
x-mg-request-uuid
088b6c85-90de-4437-99bb-aabdfd113ff6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcb6089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14164
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNC8xMDE5MjQvZDk2OTY2YmNmYjI0NzBhZ...
s-img.mgid.com/g/11533481/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533481/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNC8xMDE5MjQvZDk2OTY2YmNmYjI0NzBhZmY4YmZjNDExYWZlNTY1YWQuanBn.webp?v=1641286287-GclErKBzkOvtMHvJoGTkNpVfpUvGfBf4PXwoR4N2uJ4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0bbec4952c7ae822cea69d5b2017f521dc7c543331d29fee3487a71cbeb09b1

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:34:43 GMT
x-mg-request-uuid
ffce2dec-374e-4be1-8e62-e8353c4323eb
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcb9089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14024
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2MzMGIwMWVkY2MyODVjOWRiNjBmOTQ5NTVmMDg2YTdiLmpwZWc.webp
s-img.mgid.com/g/4021001/492x277/0x0x600x400/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4021001/492x277/0x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2MzMGIwMWVkY2MyODVjOWRiNjBmOTQ5NTVmMDg2YTdiLmpwZWc.webp?v=1641286287-ZudLv1ZZsf96lM0xnA7j1_aJoFp4KTlEaxZZ7wirJD0
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796cec06ffa8e443daa212746833ef3e0f04304e75edc1c3d213644bab554177

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:26 GMT
x-mg-request-uuid
0ca96964-ed37-4004-b3e4-ae2c9fe7b30f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcba089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29590
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTY3LHlfNjkwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9kNjY2Z...
s-img.mgid.com/g/11533461/492x277/-/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533461/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTY3LHlfNjkwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9kNjY2ZTNlN2VkMDQxNjk1ODQ5N2UwZGVkMzFhMjM3MS5qcGc.webp?v=1641286287-u5WLyQyozuPGzCpqCGizM5zEXRJFA4JBpeEtv23yjWc
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946cb6b6bf4a0aa2e2a5c106687b9b61ef8a10a376d8761ab6004df3e3bb47a0

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:35:07 GMT
x-mg-request-uuid
09dd990b-ec9b-4497-8ce1-d27cb6d7cb8b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c8339a4bcbc089f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6102
server
cloudflare
423b852b-1cd6-42bd-81f0-833a4582bb9d
player.ex.co/player/ 		720 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.65.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4759d13585e49798f68b3fad54d819720f7189d954915b828b728b4036525c3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
age
7289
x-cache
MISS, HIT
access-control-max-age
600
content-length
216016
x-served-by
cache-iad-kiad7000105-IAD, cache-hhn4039-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1641286288.236428,VS0,VE1
etag
W/"b4102-iHMDNKEXPvLdxW+cffl8lq3VxNY"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame EBDF 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 12:26:14 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 18A7 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 12:26:14 GMT
events
prd-collector-anon.ex.co/main/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:28 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 08:32:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 04 Jan 2022 08:51:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jan 2022 08:51:28 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxUS33fHL218Vnzc13h98diQ7RaRtNei5LPRd93R_Q8daD7wcflOWodcSM-pqel6mrDcKP6ejWKBuPn9C_HdDY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Jan 2022 08:56:28 GMT
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 588C 		366 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8121d8c18714f80a7c0355a59b6103d3d3b977205a15102e1c6357cd6e370006

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvpuBQLKpSZFvjR1XpcqBR6czhnWR13KfncGKLZ_WigzguRofW4ht09Kd8DgkJmhg9Yr6tdKPeXaEjQMJBL7Y4iuQI-JQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
105439
last-modified
Mon, 03 Jan 2022 07:10:54 GMT
server
UploadServer
etag
"7c696b48c0f9117d872fe458d9f01f0a"
vary
Accept-Encoding
x-goog-hash
crc32c=evTVUg==, md5=fGlrSMD5EX2HL+RY2fAfCg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641193853921461
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
105439
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Jan 2022 08:56:28 GMT
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:28 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1641286288373&cid=6194c0f876cae755cd2701fa&VERSION=4.115.0&AV_PAGE_LOAD_UID=e821b97e-983e-4072-9f1f-984154a0fbc7&AV_CDIM4=e821b97e-983e-4072-9f1f-984154a0fbc7&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
track.adform.net/adfserve/ Frame EBDF 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=H-55N5LJ5xDG_4BEHQXhkXHN0N_VLUOJ-xNxQiBopIVrXy6pmCaZG63_9pjPGnmZyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezvtd5tOs38FCmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG1szR7M_FxZ50;oobclicktrack=;js=1;adfxid=1x;8084;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
69a653da847c5684892ff44a188fa4d113aea5723a82e8e4b324b4946efde758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2545
expires
-1
/
track.adform.net/adfserve/ Frame 18A7 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=46150692;rtbwp=0.0555-sJLLQC7BV0NxAoqAwQr-3BTUAoAmF2Qq0;rtbdata=lP4vi3ASJDMVKgLCxZCxCkj6_6rCLicrWpw-lPnKc2K9j8lD6yfdPafa4Q4MpU7DyZKO4obra7YJKY97RFy97CI7WfNy7HTwVB4pDlVEJePuyqI5KMNKG4NkwrL8JX2lO-APdO39cNHe9j1cWkKa_gqSrFoXT48LaWpVlMtSe-jS2QLR3Jo-tDo_9VxZVmdt4YX9kCY6w-kad4KyialD4uYLZFFKwppW44H3QEYqNzSohAXbS1-UnhWy8domG0ezcTCjsgWIB8Kmh5N3X7uRBltNZyOZKyBKKYn8hTqZDzKRV-QcE45NG_VwI8IBe_Nc0;oobclicktrack=;js=1;adfxid=2x;4862;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
55acebb47572b66922405ebf9181dadf4a7769065ee267bf946790bbdcb1e060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2538
expires
-1
containertag
ap.lijit.com/ Frame EBDF 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?zoneId=754915&containerId=3&v=4&tid=a_754915_5039a904fb0b4740832fa19bbc26d539&loc=https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/&gdpr_flag=
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
5689a5d4d64d87ca4c59bfcdd22f3e33d45906909d12611f80f3ba01df777d48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap3ams1
Content-Type
application/json;charset=utf-8
Expires
Fri, 20 Mar 2009 00:00:00 GMT
/
track.adform.net/jsmetrics/ Frame 18A7 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=122&asset=87&sid=276&rid=10528&cid=7537
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
last-modified
Fri, 22 Jul 2016 07:37:00 GMT
server
nginx
etag
"5791cd1c-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
n.js
geo.moatads.com/ 		84 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=3959127750&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUHxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-JQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=IPONWEB1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641286288542&de=574441350694&m=0&ar=cc97a930ec1-clean&iw=599bb36&q=2&cb=0&ym=0&cu=1641286288542&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=fmx%3Afmx_257618%3Athetruedefender.com%3A1&zGSRC=1&gu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&id=1&ii=4&bo=display&bd=2&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&gw=iponweb503341958152&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1545%3A1545%3A0%3A1632&jk=-1&jm=-1&fs=195926&na=1240440713&cs=0&ord=1641286288542&jv=1958520933&callback=DOMlessLLDcallback_10155879
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/iponweb503341958152/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
16ea4453208788be7a92faae3fc0399addf819b44cc14228608a68c30d3fd26f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"29b92a919a98a7ae97a0d23a0e43af74f9e3830d"
content-length
84
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=IPONWEB1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641286288542&de=574441350694&m=0&ar=cc97a930ec1-clean&iw=599bb36&q=3&cb=0&ym=0&cu=1641286288542&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=fmx%3Afmx_257618%3Athetruedefender.com%3A1&zGSRC=1&gu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&id=1&ii=4&bo=display&bd=2&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&gw=iponweb503341958152&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1545%3A1545%3A0%3A1632&jk=-1&jm=-1&fs=195926&na=1956258226&cs=0
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:28 GMT
containertag
ap.lijit.com/ Frame 18A7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?zoneId=754915&containerId=3&v=4&tid=a_754915_c138cf2ce20b4ba99b5e906fe3732b65&loc=https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/&gdpr_flag=
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
8d0ed92a6defdca86f9018c8b5b920af2232d0c47f0b08a3bafa01ba009a583a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:28 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap3ams1
Content-Type
application/json;charset=utf-8
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame EBDF 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 12:26:53 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 18A7 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 14:23:05 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 05 Jan 2022 12:26:53 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=thetruedefender.com&sn=&cd4=e821b97e-983e-4072-9f1f-984154a0fbc7&cd5=default&ic=0&tgt=0&app=&wi=&he=&test=&d36=6.1.2.94&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6194c0f876cae755cd2701fa&stagid=&stplid=&e=inventory&vi=0&cb=1641286288651
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
db1d7caa12644f684c81f53e9d5fe1c295f0184c612b7433fd3c8f0df2fb5c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Tag
276070225843454012355768999963740830959,327961014079627028052771905279638174707,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
651
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:39 GMT
Server
cloudinary
X-Timer
S1641268491.886385,VS0,VE1
ETag
"e78e16445aa0893a3c5cd9a4550c03db"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539841
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
ct
ap.lijit.com/data/ Frame EBDF 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_754915_5039a904fb0b4740832fa19bbc26d539&zoneid=754915&cid=3&geo=DE&all_tags=587&tss=140&fired_tags=587&count=1&status=1&elapsed_ms=140
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Server
nginx
X-Sovrn-Pod
ad_ap3ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
/
premiumsrv.aniview.com/api/adserver/tag/ 		33 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.115.0&AV_PAGE_LOAD_UID=e821b97e-983e-4072-9f1f-984154a0fbc7&AV_CDIM4=e821b97e-983e-4072-9f1f-984154a0fbc7&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6194c0f876cae755cd2701fa&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=thetruedefender.com&AV_DADPOS=3&d36=6.1.2.94&responsive=1&sver=1&avtoken=288650&AV_WIDTH=680&AV_HEIGHT=383&AV_DNT=0&cb=1641286288684
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.235.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-235-47.compute-1.amazonaws.com
Software
/
Resource Hash
dd6f6dd363a64823cd9ef99b97becaf5e8cc29b89f6b620f70a46b68b9d53803

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 23 Dec 2021 19:04:49 GMT
contents
cms.instiengage.com/v3/ Frame D9CA 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=82ca0152-0a92-4175-bac5-63889a43274b&cookie_id=null&content_order=ORDERED&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash
d4587b41854ad9a6da58ebcdafa01d426d1f8945810c656891cda431603a567e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:28 GMT
access-control-allow-credentials
true
content-length
18425
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame D9CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
441
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 04 Jan 2022 08:47:10 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2129
x-amz-cf-id
J_i5BT0rvvjwEuFTaRUHBTAbOQk8WTDBujDi6V5PGxgzEebglMBmIg==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame D9CA 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:36:22 GMT
x-content-type-options
nosniff
age
530106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 05:36:22 GMT
ct
ap.lijit.com/data/ Frame 18A7 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_754915_c138cf2ce20b4ba99b5e906fe3732b65&zoneid=754915&cid=3&geo=DE&all_tags=587&tss=97&fired_tags=587&count=1&status=1&elapsed_ms=97
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Server
nginx
X-Sovrn-Pod
ad_ap3ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
/
track.adform.net/csimpr/ Frame EBDF 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46150692&csi=0VZJXnAU-Lic0-6E_7OE4Ii7l3kfU67sn4Nx-2uUPfsJDwKV3Zer3H6vjBIz8SLPBeYzNozznCnYH27sIeuVYrQ8JIJob1sX0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
45240765.png
s1.adform.net/Banners/45240765/ Frame EBDF 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/45240765/45240765.png?bv=2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
698b37e777435df85f3c395e800ea21013c583a75b7f3939973519f1b1d16728
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
last-modified
Tue, 18 May 2021 10:24:59 GMT
server
nginx
etag
"60a395fb-98a4"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
39076
45240765.png
s1.adform.net/Banners/45240765/ Frame 18A7 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/45240765/45240765.png?bv=2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
698b37e777435df85f3c395e800ea21013c583a75b7f3939973519f1b1d16728
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
last-modified
Tue, 18 May 2021 10:24:59 GMT
server
nginx
etag
"60a395fb-98a4"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
39076
/
track.adform.net/csimpr/ Frame 18A7 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46150692&csi=i1OqTHRLNmkyRq0XP0pJzFjWCTH-k2wwn4Nx-2uUPfsJDwKV3Zer3H6vjBIz8SLPNzgU675FgoSmVwkGRl-hYLQ8JIJob1sX0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1641265506/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
274e9f59c686dc91b4c110341a53a8514d40629fa9e9ea32ba7118d6f23b022e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Tag
276070225843454012355768999963740830959,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1217
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:29 GMT
Server
cloudinary
X-Timer
S1641268878.917755,VS0,VE1
ETag
"523d83cc0de961b7f84f813da726d687"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31540105
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:28 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1641265506/ 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
aad7e707195e7658160baa3533e5792e4556ff8437479694372df64340949d2b

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-41359

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Tag
276070225843454012355768999963740830959,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-41359/657436
Connection
keep-alive
Content-Length
41360
X-Served-By
cache-wdc5564-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:29 GMT
Server
cloudinary
X-Timer
S1641268878.258733,VS0,VE1
ETag
"217205c3108d909a89a05e1744c39202"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31540290
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
41007291-0cac-439a-acc8-be08ca3295bf
https://thetruedefender.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thetruedefender.com/41007291-0cac-439a-acc8-be08ca3295bf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
0677838df5aca9aebc1b1ffc45487931107a47f714ee880e7eb3cba29d4aced1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:28 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1226
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:36 GMT
Server
cloudinary
X-Timer
S1641268491.297362,VS0,VE1
ETag
"082957aae26bb4e09414acefbb49d9f2"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539817
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
event
event.instiengage.com/v1/ Frame D9CA 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.170.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-170-81.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:29 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
UrWI6z47rx0
static.instiengage.com/content_images/unsplash/ Frame D9CA 		565 KB
566 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/UrWI6z47rx0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2027125ba73adc31e16ccbc439fcbd81452b0337d22c7fcd6a492e3890f4a6b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
kqlBdFlNdOkuD2aYHH5eXrJaeu0g3ZFD
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 14:57:34 GMT
server
AmazonS3
age
3380
etag
"94df2cee1e727ce3e1cd1b62a41eeebb"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Tue, 04 Jan 2022 08:01:17 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
578162
x-amz-cf-id
1o0ITvvTQ2Fgrf29vwQAQKIoIewOWAFN7X2_EF6NcSpRdnyXmuPnog==
9HkyszvcRBY
static.instiengage.com/content_images/unsplash/ Frame D9CA 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/9HkyszvcRBY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20d5792833082d0f85e2f04c42639163756afb385c0e4cf69b2e19139a2314d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
BUB65GNKJsdvUqV9DMRH0kbp5XWo_sMx
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Thu, 16 Dec 2021 20:40:35 GMT
server
AmazonS3
age
2108
etag
"aa91a7cee0c13d15fc9a30d794307f47"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Tue, 04 Jan 2022 08:17:54 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2431205
x-amz-cf-id
I3ktGC7IQ9uUzxN98uUo64WhHLxkTBY5FByhxNyViRpI2FMUoZkTGg==
98MbUldcDJY
static.instiengage.com/content_images/unsplash/ Frame D9CA 		456 KB
456 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/98MbUldcDJY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
127af483872f885ce78fc10c826d0368b4918bf70baccfafdb6e7c31713f5f5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
dhe.auq5VQFttNtR_yIRa4bTs4XFyHvm
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Thu, 16 Dec 2021 20:40:32 GMT
server
AmazonS3
age
3380
etag
"9358e97cf19317eb9f50c87cf6c95799"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Tue, 04 Jan 2022 08:01:17 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
466481
x-amz-cf-id
sS5f5OEIVAZpsY_7JOeRrmYKHdECBU7S9IaMfJgcApkIwQl_zyyqlA==
Oalh2MojUuk
static.instiengage.com/content_images/unsplash/ Frame D9CA 		446 KB
447 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/Oalh2MojUuk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2365a1c4415706420a899a6efbeda8aa7aa1567a7d35f9eb9b67f79628d0d08e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
t0BYndMVqJy5entr3Pg3yT9cWlRzHo.i
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 14:57:02 GMT
server
AmazonS3
age
3380
etag
"7c0ca891f6f14ceb64be217482937014"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Tue, 04 Jan 2022 08:01:17 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
456865
x-amz-cf-id
UnjYsuk_z4mp3HUcUmUbZ6Lo9v9E3JdrlxzZmZeKLC4hZVluou_UFg==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame D9CA 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:36:22 GMT
x-content-type-options
nosniff
age
530106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 05:36:22 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame D9CA 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:28 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1886032
cf-ray
6c8339aa18af3744-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73852
x-amz-id-2
NXXQ702GjSHBcRQ7+nnquOZgpzUh5cKJX/xYZJtfMwkU08Au7PwmbjoRaa1BuxBbHQle/FPYcdc=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPuyOMKpENVrY2osZVYgH9nlOsEUtYcOvnJJRDOrshZ8sELtrPWQ1Tswq2en2Rt72xuTz6u4ij4Q3N0Dj7uOmZ0u%2FCAHV76ZTP%2BC7Dmr28UkXomdvNAc6ms0dQrv5Qbl5m4GGCW%2Bn%2FnWEZIE3kzNQNKE"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
VTDCHQWDAJ99A69V
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:28 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		78 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8b3b37529eec967651bdd54c5fb89a642841eea6ea8907f76c2fdc2fac10df54

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-80087

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-80087/1403420
Connection
keep-alive
Content-Length
80088
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:35 GMT
Server
cloudinary
X-Timer
S1641268492.658866,VS0,VE1
ETag
"b3a9b6f365a134fb0c9815f0a1715805"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539744
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08DB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68954
expires
Wed, 05 Jan 2022 04:00:43 GMT
date
Tue, 04 Jan 2022 08:51:29 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 7587
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e19248dc1db3bf63e09be8134fbdd069e786e5c5156d95ad9ab9f14bcc87216

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|238|90|196|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1829
Expires
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 090F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
merge
ce.lijit.com/ Frame 2E83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=376385&3pid=1641286288959-980633797214-007787-003-008465&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
nginx
Date
Tue, 04 Jan 2022 08:51:29 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:29 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame 588C 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
a8ef9f7d27bb98e433779677626afd16bd2073d9af643a18dda1b4daa5223222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvNiuyHzFVikWtcs3tHHn--5WKgJtY3UWVMvZNIrsWT3_IO6NLFKKuW9C8p8nN4zGLPAz4NgBEirEkoRH_QXaWS1uZLEA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Mon, 03 Jan 2022 07:09:41 GMT
server
UploadServer
etag
"188447d31c3e1d7e986af2b7e4a521f8"
vary
Accept-Encoding
x-goog-hash
crc32c=DFn1/A==, md5=GIRH0xw+HX6YavK35KUh+A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641193781719248
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Jan 2022 08:56:29 GMT
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205240&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-w...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205240&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-w...
129 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205240&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205240&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205239&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-wi...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205239&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-wi...
129 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205239&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205239&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205234&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-w...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205234&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-w...
129 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205234&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027757&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205234&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426225&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205244&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-w...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426225&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205244&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-w...
129 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426225&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205244&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:28 GMT
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426225&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=533522612871205244&pgdomain=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=1286289101&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/236693/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236693/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&w=679&h=383&cbb=1286289101
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=71037&t=1641286288&cip=185.232.23.180&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=680&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1641286288959-980633797214-007787-003-008465&cha=0.1&stagid=&stplid=&d35=&d36=6.1.2.94&cb=53352261287&cd5=default&cd1=4.115.0&cd4=e821b97e-983e-4072-9f1f-984154a0fbc7&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=request&cb=1641286289102&asid=5fa2711a54dbb238c9289f7d%2C603bb6ac619b766728187834%2C5c5a9a6228a0617b9619af99%2C604e0c8861e0794a7a3b232a%2C60ebfe94ebe867570438e997%2C60254e56dcfb6a082e596646%2C5b30e37c073ef468ec3ca049%2C6033b5166ce17d3480761314%2C5e1b272e28a06142643c20cd%2C5fd1f2cc9772f87a350a855b%2C5c18de8528a061035b671e18%2C611a29ce1435652c181c3de6%2C5fbe1a1fd09dbe29472667bb%2C6112a980827c476d02686ca4&ofpr=2%2C6%2C2%2C2%2C%2C%2C%2C2%2C3%2C1.5%2C%2C%2C4%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
c
c.mgid.com/ 		43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=305|253|8|ucjraKkRsTp0f8kWN6rgu_82eMfJ3Ak7JBxy846ymlXIChKVtKl3-Z4E_7C2Ix3s&fw=1&extjs=66044&cid=1229983&h2=CBvd3SiXK6CDlaashqQY2B-LAifAvcAwR1nWkedwnPI*&rid=8109b324-6d3b-11ec-8ee1-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=17e244940b88670580c&cbuster=1641286289110110810318&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
b89c8ad9-7956-4046-991a-23d21a6d061c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c8339aafeea4e1f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
v2
mb.moatads.com/s/ 		179 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&pcode=iponweb503341958152&ord=1641286288542&jv=1687444684&callback=BrandSafetyNadoscallback_10155879
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/iponweb503341958152/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.74.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-74-180.eu-west-1.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
a9d4e9313a233aef04123c99c7f444fec1f30a40c2ed883935e9e4fd5b7684e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"3d8b6289c4538331b680939019bdb375bdf9a18c"
content-length
179
content-type
text/html; charset=UTF-8
pixel.gif
iponweb503341958152.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=158&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetruedefender.com&L1id=fmx&L2id=fmx_257618&L3id=thetruedefender.com&L4id=1&S1id=display&S2id=2&ord=1641286288542&r=574441350694&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthetruedefender.com%252Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=e7560484_69d3b647-556f-4a0f-b118-66540bc7daad&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:29 GMT
pixel.gif
iponweb503341958152.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=158&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetruedefender.com&L1id=fmx&L2id=fmx_257618&L3id=thetruedefender.com&L4id=1&S1id=display&S2id=2&ord=1641286288542&r=574441350694&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthetruedefender.com%252Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=e7560484_69d3b647-556f-4a0f-b118-66540bc7daad&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:29 GMT
pixel.gif
iponweb503341958152.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=158&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetruedefender.com&L1id=fmx&L2id=fmx_257618&L3id=thetruedefender.com&L4id=1&S1id=display&S2id=2&ord=1641286288542&r=574441350694&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthetruedefender.com%252Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=e7560484_69d3b647-556f-4a0f-b118-66540bc7daad&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:29 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=0&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs1.adform.net%2FBanners%2F45240765%2F45240765.png%3Fbv%3D2&i=IPONWEB1&ol=3959127750&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUHxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-JQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&id=1&ii=4&f=0&j=&t=1641286288542&de=574441350694&cu=1641286288542&m=582&ar=cc97a930ec1-clean&iw=599bb36&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9129&le=1&lf=135&lg=1&lh=32&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1545%3A1545%3A3634%3A1632&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=158&cd=0&ah=158&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=fmx%3Afmx_257618%3Athetruedefender.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=3&jm=-1&tc=0&fs=195926&na=2063174822&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:29 GMT
369.json
id5-sync.com/g/v2/ 		213 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p30.id5-sync.com
Software
/
Resource Hash
ac6de49956db9b5f8bf923e89703b8da48202c1fb756a1388d69021f49477a9e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Tue, 04 Jan 2022 08:51:28 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f4c2d8fe51d1b04b0b3a52eb78912c187ab47689c39d144200f4ba6a479e8d09

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache
x-server
10.45.30.35
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e70c3df34821b301afd098f37b2f4005b326495db887d875b0aeaa641f5e72bc

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 03 Feb 2022 08:51:29 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 08DB 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63338536&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.92.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-92-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7e7637b93a3d36d854b1f8ef67c93a8aba841ab9717347f1374a5651e5f345df

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
mvo
tag.1rx.io/rmp/203144/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.92.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-92-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ffb8361ac74b44594df15cc14343b75e4e55b7f23338179b27b5a56ef93eff6f

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.92.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-92-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
62136b040d60565d9d000be01d1bc5b4099fa4e725baf14f207138be1a20634d

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
309622
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/309622?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
X-SpotX-Timing-Transform
0.000524
X-SpotX-Timing-SpotMarket
0.010440
X-SpotX-Timing-Page-Mux
0.001593
X-SpotX-Timing-Page-Require
0.000601
X-fe
059
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000038
X-SpotX-Timing-Page
0.018305
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000532
Last-Modified
Tue, 04 Jan 2022 08:51:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.010440
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://thetruedefender.com
X-SpotX-Timing-Page-Misc
0.004559
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pixel.gif
iponweb503341958152.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=231&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetruedefender.com&L1id=fmx&L2id=fmx_257618&L3id=thetruedefender.com&L4id=1&S1id=display&S2id=2&ord=1641286288542&r=574441350694&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthetruedefender.com%252Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=e7560484_69d3b647-556f-4a0f-b118-66540bc7daad&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:29 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		172 KB
173 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
317fd46455fbc48eb6bfc26d007e6ccde63bc827e228fd43dfedd3b763afc7cd

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=80088-256619

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 80088-256619/1403420
Connection
keep-alive
Content-Length
176532
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:35 GMT
Server
cloudinary
X-Timer
S1641268492.658866,VS0,VE1
ETag
"b3a9b6f365a134fb0c9815f0a1715805"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539744
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
usync.js
eus.rubiconproject.com/ Frame 090F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e8291d4dd56fdf2b9d6ce0f19cb47a2a2bc38edd11c766d847bbc22e387fc54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43033
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Tue, 04 Jan 2022 20:48:42 GMT
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:29 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
543443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 01:54:06 GMT
khaos.jpg
token.rubiconproject.com/ Frame 090F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
dcm
s.amazon-adsystem.com/ Frame 7587
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
83GV2FSQQV9MFXRFHJQ9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3PNBW6BNCVZ91W99XG5B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7587
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7587
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdQKkURCNwPKNxbaVPHnRAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YdQKkURCNwPKNxbaVPHnRAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIF8diqlcGNvGivauQCxm2w&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIF8diqlcGNvGivauQCxm2w&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIF8diqlcGNvGivauQCxm2w&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7587 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
461886.gif
idsync.rlcdn.com/ Frame 7587 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YdQKkURCNwPKNxbaVPHnRAAA%261153&&gdpr_consent=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
no_match_opted_out
um.simpli.fi/ Frame 7587
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 04 Jan 2022 08:51:29 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 04 Jan 2022 08:51:29 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 03 Jan 2022 08:51:29 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame 7587 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193669.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
indexexchange
sync.adotmob.com/cookie/ Frame 7587 		0
0
cookiesyncendpoint
sync.aniview.com/ Frame 7587 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1641286288959-980633797214-007787-003-008465&biddername=42&key=YdQKkURCNwPKNxbaVPHnRAAA%261153
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641286288959-980633797214-007787-003-008465%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.104.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-104-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
content-length
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		86 KB
86 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e44c10df7bc0fa5bd8b4b2f6a8a8d4cbdcb2c162b2e8ec725ed77770f8e09006

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=256620-344227

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 256620-344227/1403420
Connection
keep-alive
Content-Length
87608
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:35 GMT
Server
cloudinary
X-Timer
S1641268492.658866,VS0,VE1
ETag
"b3a9b6f365a134fb0c9815f0a1715805"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539744
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 090F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Content-Type
image/gif
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		181 KB
181 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
0ebe8323819179f7e6f9cf8210689f29381980b1b16f7c887b2541b1db27c231

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=344228-529407

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 344228-529407/1403420
Connection
keep-alive
Content-Length
185180
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:35 GMT
Server
cloudinary
X-Timer
S1641268492.658866,VS0,VE1
ETag
"b3a9b6f365a134fb0c9815f0a1715805"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539744
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=71037&t=1641286288&cip=185.232.23.180&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=680&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1641286288959-980633797214-007787-003-008465&cha=0.1&stagid=&stplid=&d35=&d36=6.1.2.94&cb=53352261287&cd5=default&cd1=4.115.0&cd4=e821b97e-983e-4072-9f1f-984154a0fbc7&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=bid&cb=1641286289369&asid=60ebfe94ebe867570438e997&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		128 KB
128 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
765661793eccdb0143ec5e65044bf8dc5189794c7f2cd9dd7e6f26d973ad6a28

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=529408-660255

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 529408-660255/1403420
Connection
keep-alive
Content-Length
130848
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:35 GMT
Server
cloudinary
X-Timer
S1641268492.658866,VS0,VE1
ETag
"b3a9b6f365a134fb0c9815f0a1715805"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539744
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 588C 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126523
x-xss-protection
0
expires
Tue, 04 Jan 2022 08:51:29 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		146 KB
147 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
6067c93cbb06e7c93cf43f265b9f541fcd7c499d2aa68b676726627b0f4d4f50

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=660256-810091

Response headers

Date
Tue, 04 Jan 2022 08:51:29 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 660256-810091/1403420
Connection
keep-alive
Content-Length
149836
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:35 GMT
Server
cloudinary
X-Timer
S1641268492.658866,VS0,VE1
ETag
"b3a9b6f365a134fb0c9815f0a1715805"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539744
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:29 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
bridge3.493.0_en.html
imasdk.googleapis.com/js/core/ Frame 420A 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198942
date
Wed, 29 Dec 2021 05:10:28 GMT
expires
Thu, 29 Dec 2022 05:10:28 GMT
last-modified
Wed, 15 Dec 2021 20:12:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
531661
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 588C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jan 2022 08:51:29 GMT
integrator.js
adservice.google.com/adsid/ Frame 588C 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetruedefender.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 10C9 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 04 Jan 2022 09:00:17 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 420A 		156 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=733352655681396&sdkv=h.3.493.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=870912817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.493.0&sid=70B36780-9193-4820-8F5F-90148649FA8A&nel=1&eid=44725355%2C44750604%2C44750822%2C44753925&url=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&dt=1641286289686&cookie_enabled=1&scor=757347253977115&ged=ve4_td2_tt0_pd2_la2000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
72319
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Mon, 03 Jan 2022 12:46:11 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
UmgeqLmnQY6yZir_qVcpz8xzFxP2ACbuOTIHV7qqeX9O7KnrZUwA9g==
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 14:33:06 GMT
via
1.1 9e1b24b39ac8b669f996f1e7907eb697.cloudfront.net (CloudFront), 1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
age
65903
x-amzn-requestid
5a172b78-88c8-4d8e-9a01-448d9335f448
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61d30922-33c597b62020e7607591c3e9;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
LX5dcHfQjoEFuMg=
content-length
30
x-amz-cf-id
nK365xWJ2R1Uk0gTomBw6RIaEqZBp-NpwNBCjyz4PNglroDx10tAIA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
371.json
id5-sync.com/g/v2/ 		213 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p30.id5-sync.com
Software
/
Resource Hash
5859837fba51b1126389a100aced2376dfd92575dc415a26247b994f4d828078
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Tue, 04 Jan 2022 08:51:29 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F28 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68954
expires
Wed, 05 Jan 2022 04:00:43 GMT
date
Tue, 04 Jan 2022 08:51:29 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FB5 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68952
expires
Wed, 05 Jan 2022 04:00:43 GMT
date
Tue, 04 Jan 2022 08:51:31 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 1272 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Tue, 04 Jan 2022 08:51:30 GMT
usync.html
eus.rubiconproject.com/ Frame F7F4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Jan 2022 08:51:31 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Date
Tue, 04 Jan 2022 08:51:31 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
ps
ssc-cms.33across.com/ Frame A3B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D33XUSERID33X
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Tue, 04 Jan 2022 08:51:30 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0040 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sat, 01 Jan 2022 02:32:19 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 04 Jan 2022 08:51:31 GMT
Age
22746
X-Served-By
cache-lga21932-LGA, cache-hhn4076-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 272291
X-Timer
S1641286291.079479,VS0,VE0
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame EEAE 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C8fa0b37c-db09-4c93-af46-938fe7975887&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
check.html
biddr.brealtime.com/ Frame CB6C 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
iThDOqIsDS8Lc8XERmO4THti/L0TNokZlU7KZ5ydViHoGsz8wSrXydQlClxKzw+8VZ9YuulUJ7s=
x-amz-request-id
5S3T1K5V2G9VMX3D
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
796
Expires
Tue, 04 Jan 2022 08:52:31 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6c8339b75bbf2be9-FRA
Content-Encoding
gzip
2b9d395f79fd97a5
sync.e-planning.net/uspd/1/ Frame 8496 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
fdbe7e42d96d1476bde4b72f38c68734ce4e660b561e4470c32d570d6ced774a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
openresty
date
Tue, 04 Jan 2022 08:51:31 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Tue, 04 Jan 2022 08:51:31 GMT
x-sid
AMS-610
content-encoding
gzip
beacon
ap.lijit.com/ Frame 1842 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
nginx
Date
Tue, 04 Jan 2022 08:51:31 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3ams1
usermatch
ssum-sec.casalemedia.com/ Frame 9D08 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eb46dfb05ef6f27ac56735d107ac4a52569f68e8ea76fcdacbe7a543754ce6d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|3|88|13|31|196|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1779
Expires
Tue, 04 Jan 2022 08:51:31 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Connection
keep-alive
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 609B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
6107
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuHW4xFxdM5yNzQpbKWpVH1WjhPlkunm591QhhOfs2S7whPoeSvqbaAo9h4Pe5HM28UT5pOFHWdB8NlCk%2FIgjFi2pKTl64gARJY7nCtUhnr%2BftvbtSSisBlWO8PBLapkkkJFGE7I4l2%2BDfcSFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c8339b77cec3746-MXP
content-encoding
br
/
onetag-sys.com/usync/ Frame EFBB 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1641286287344
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 4728 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6572a0738277ca7d152fcc9f00b7b04d270c84ce466da41884efa11b5352d0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://thetruedefender.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8339b749de6946-FRA
content-encoding
br
usa
sync.go.sonobi.com/ 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
8fa0b37c-db09-4c93-af46-938fe7975887
ex.ingage.tech/v1/sync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=8fa0b37c-db09-4c93-af46-938fe7975887
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=insticator
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=insticator
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=65bd5450-c8ff-4d8c-9185-1bbad3b5b269&ssp=insticator
  • https://ex.ingage.tech/v1/sync/bidswitch/8fa0b37c-db09-4c93-af46-938fe7975887?uid=c6abe74c-e537-488e-bb99-f0b4a83e6663&gdpr=&gdpr_consent=&us_privacy=
0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/bidswitch/8fa0b37c-db09-4c93-af46-938fe7975887?uid=c6abe74c-e537-488e-bb99-f0b4a83e6663&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6c8339b93a423747-MXP

Redirect headers

Location
//ex.ingage.tech/v1/sync/bidswitch/8fa0b37c-db09-4c93-af46-938fe7975887?uid=c6abe74c-e537-488e-bb99-f0b4a83e6663&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 04 Jan 2022 08:51:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ 		0
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=90&uid=8fa0b37c-db09-4c93-af46-938fe7975887&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsynacor%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
127261544
access-control-allow-origin
https://thetruedefender.com/
access-control-allow-credentials
true
8fa0b37c-db09-4c93-af46-938fe7975887
ex.ingage.tech/v1/sync/amx/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/amx/8fa0b37c-db09-4c93-af46-938fe7975887?uid=52007b0a-9807-417d-b305-ae354576cd36&gdpr=0
0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/amx/8fa0b37c-db09-4c93-af46-938fe7975887?uid=52007b0a-9807-417d-b305-ae354576cd36&gdpr=0
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6c8339b7dfcc3747-MXP

Redirect headers

location
https://ex.ingage.tech/v1/sync/amx/8fa0b37c-db09-4c93-af46-938fe7975887?uid=52007b0a-9807-417d-b305-ae354576cd36&gdpr=0
date
Tue, 04 Jan 2022 08:51:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
8fa0b37c-db09-4c93-af46-938fe7975887
ex.ingage.tech/v1/sync/acuityads/
Redirect Chain
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%7B%24UID%7D
  • https://ex.ingage.tech/v1/sync/acuityads/8fa0b37c-db09-4c93-af46-938fe7975887?uid=f0bc023a27acfe141395e0e1a465f2441f0411f8
0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/acuityads/8fa0b37c-db09-4c93-af46-938fe7975887?uid=f0bc023a27acfe141395e0e1a465f2441f0411f8
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6c8339b8f9bd3747-MXP

Redirect headers

Location
https://ex.ingage.tech/v1/sync/acuityads/8fa0b37c-db09-4c93-af46-938fe7975887?uid=f0bc023a27acfe141395e0e1a465f2441f0411f8
Date
Tue, 04 Jan 2022 08:51:31 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D93c5f73b14d91a27%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D93c5f73b14d91a27%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=93c5f73b14d91a27&uid=0bcfe7586dd1cbe89e966999
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=93c5f73b14d91a27&uid=0bcfe7586dd1cbe89e966999
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=93c5f73b14d91a27&uid=0bcfe7586dd1cbe89e966999
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
8fa0b37c-db09-4c93-af46-938fe7975887
ex.ingage.tech/v1/sync/sovrn/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID&sovrn_retry=true
  • https://ex.ingage.tech/v1/sync/sovrn/8fa0b37c-db09-4c93-af46-938fe7975887?uid=504a5ab2437c2d3fd31d0010
0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/sovrn/8fa0b37c-db09-4c93-af46-938fe7975887?uid=504a5ab2437c2d3fd31d0010
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6c8339b7dfd83747-MXP

Redirect headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ex.ingage.tech/v1/sync/sovrn/8fa0b37c-db09-4c93-af46-938fe7975887?uid=504a5ab2437c2d3fd31d0010
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usync.js
eus.rubiconproject.com/ Frame F7F4 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e8291d4dd56fdf2b9d6ce0f19cb47a2a2bc38edd11c766d847bbc22e387fc54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43031
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Tue, 04 Jan 2022 20:48:42 GMT
getuid
secure.adnxs.com/ Frame 9D08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9D08 		43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:74fc:7750:9e36:ae36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 9D08
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15b961d4-0a93-4000-9579-d9ee48656320&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15b961d4-0a93-4000-9579-d9ee48656320&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=15b961d4-0a93-4000-9579-d9ee48656320&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 04 Jan 2022 08:51:30 GMT
rum
dsum-sec.casalemedia.com/ Frame 9D08
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YdQKkwAC-9K4CgAF
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdQKkwAC-9K4CgAF&gdpr=1&_test=YdQKkwAC-9K4CgAF
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdQKkwAC-9K4CgAF&gdpr=1&_test=YdQKkwAC-9K4CgAF
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641286291.352802,VS0,VE0
x-served-by
cache-cdg20781-CDG
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdQKkwAC-9K4CgAF&gdpr=1&_test=YdQKkwAC-9K4CgAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
indexexchange
sync.adotmob.com/cookie/ Frame 9D08 		0
0
noop
px.owneriq.net/ Frame 9D08
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6945726911317896488&uid=Q6945726911317896488&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
us.php
gu.dyntrk.com/adx/ie/ Frame 9D08 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193669.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
rum
dsum-sec.casalemedia.com/ Frame 9D08
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2488044011064200694
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2488044011064200694
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2488044011064200694
pragma
no-cache
date
Tue, 04 Jan 2022 08:51:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
8fa0b37c-db09-4c93-af46-938fe7975887
ex.ingage.tech/v1/sync/ix/ Frame 9D08 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/8fa0b37c-db09-4c93-af46-938fe7975887?uid=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
6c8339b79f6f3747-MXP
bounce
ib.adnxs.com/ Frame 0040
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
82d46c51-c7d6-40a7-9ec2-97bc1acd49e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2f00a690-130b-448f-b787-6109820e20d0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame F7F4 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
getuid
ib.adnxs.com/ Frame 4728 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMV7RAewv3x2KxxcxNjVmUc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMV7RAewv3x2KxxcxNjVmUc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b80b806946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMV7RAewv3x2KxxcxNjVmUc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=ff3bc3d3-e676-4d04-bcea-70326c132102&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ff3bc3d3-e676-4d04-bcea-70326c132102&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b80b8b6946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=ff3bc3d3-e676-4d04-bcea-70326c132102&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 4728 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4...
  • https://mwzeom.zeotap.com/mw?cid=78aaf8f4-e3ea-4839-93a2-b29fd5b0abda&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=78aaf8f4-e3ea-4839-93a2-b29fd5b0abda&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b80b876946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=78aaf8f4-e3ea-4839-93a2-b29fd5b0abda&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 4728 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1641286291.201387,VS0,VE24
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6978-MXP
u
dmp.v.fwmrm.net/ad/ Frame 4728 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4728 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed621f7-c6cf-4c89-768a-0b1572265343%26reqId%3D4052e7a0-acb1-4f97-6e33-ff5f9b401d17%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=350a5d6f-5747-48ce-834d-8ef97b0cf090&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=350a5d6f-5747-48ce-834d-8ef97b0cf090&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b97f506946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=350a5d6f-5747-48ce-834d-8ef97b0cf090&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1ed621f7-c6cf-4c89-768a-0b1572265343&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1ed621f7-c6cf-4c89-768a-0b1572265343&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=69806896475093252952859301937886538118&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=69806896475093252952859301937886538118&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b8cd716946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v026-03051cef5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ZWr1MJ1mQwU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=69806896475093252952859301937886538118&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 4728 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=1ed621f7-c6cf-4c89-768a-0b1572265343&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022010409-14313-0.296316001641286294-1817f24f3fed23ce4014f3f84b7143f2&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022010409-14313-0.296316001641286294-1817f24f3fed23ce4014f3f84b7143f2&zdid=533&env=mWeb
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b84c196946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022010409-14313-0.296316001641286294-1817f24f3fed23ce4014f3f84b7143f2&zdid=533&env=mWeb
Date
Tue, 04 Jan 2022 08:51:34 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7049270943221151891&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7049270943221151891&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b80b846946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7049270943221151891&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 4728
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1ed621f7-c6cf-4c89-768a-0b1572265343
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1ed621f7-c6cf-4c89-768a-0b1572265343
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1ed621f7-c6cf-4c89-768a-0b1572265343
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1ed621f7-c6cf-4c89-768a-0b1572265343
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1ed621f7-c6cf-4c89-768a-0b1572265343&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1ed621f7-c6cf-4c89-768a-0b1572265343&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=rbYigYLT.JMBUSwS//yJZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=rbYigYLT.JMBUSwS//yJZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b84c126946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
last-modified
Tue, 04 Jan 2022 08:51:31 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=rbYigYLT.JMBUSwS//yJZO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 4728 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=1ed621f7-c6cf-4c89-768a-0b1572265343&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.104 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1ed621f7-c6cf-4c89-768a-0b1572265343?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=1ed621f7-c6cf-4c89-768a-0b1572265343?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=66216b71278da514746612813b9ec87&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=66216b71278da514746612813b9ec87&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b8bd5d6946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=66216b71278da514746612813b9ec87&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
cache-control
no-cache
x-server
10.45.25.250
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-Wm21rWtE2op6ThLsGMySLBb90kMDIu3dww--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-Wm21rWtE2op6ThLsGMySLBb90kMDIu3dww--~A&zpartnerid=570&env=mWeb
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b8eda96946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 04 Jan 2022 08:51:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-Wm21rWtE2op6ThLsGMySLBb90kMDIu3dww--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n5%2BBsrnoikFNQuWVFoRXTXfVfEUECDLg%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n5%2BBsrnoikFNQuWVFoRXTXfVfEUECDLg%2BS41iYitP1U%3D
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b8bd5b6946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=n5%2BBsrnoikFNQuWVFoRXTXfVfEUECDLg%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 4728 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 4728 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.38.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-38-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1641286291
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4728 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdQKkwADBBBufQAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdQKkwADBBBufQAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&_test=YdQKkwADBBBufQAm
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b99fa56946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641286291.446039,VS0,VE0
x-served-by
cache-cdg20781-CDG
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdQKkwADBBBufQAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&_test=YdQKkwADBBBufQAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=15b961d4-0a93-4000-9579-d9ee48656320&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=15b961d4-0a93-4000-9579-d9ee48656320&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b8fdf36946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=15b961d4-0a93-4000-9579-d9ee48656320&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 04 Jan 2022 08:51:30 GMT
usermatch.gif
beacon.krxd.net/ Frame 4728
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b40...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
52.49.38.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-38-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1641286291
x-served-by
beacon-n007-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
date
Tue, 04 Jan 2022 08:51:31 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4728
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&dcc=t
Protocol
HTTP/1.1
Server
54.239.37.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NMAFGQ7YSTXH4ZH7V2T5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BPGCFZR6V9YRRB8XEP2F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1ed621f7-c6cf-4c89-768a-0b1572265343&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=1ed621f7-c6cf-4c89-768a-0b1572265343&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339ba28ef6946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Tue, 04 Jan 2022 08:51:31 GMT
Connection
keep-alive
Content-Length
0
BK-Server
bf0c
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 4728
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b9afbe6946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
date
Tue, 04 Jan 2022 08:51:31 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 4728 		557 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81592bd7e81cea6edbabc4d7707549124be3880882b15706dfb16cce4382f35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8339b7bae46946-FRA
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 04 Jan 2022 08:51:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
um
u-ams02.e-planning.net/ Frame 8496
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0cd8c63c53c31472
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cd8c63c53c31472
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cd8c63c53c31472
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:30 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=0cd8c63c53c31472
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 8496 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 03 Jan 2027 08:51:31 GMT
prebid
rtb.openx.net/sync/ Frame 8496 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D0cd8c63c53c31472%26uid%3D%24%7BUID%7D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
1gl4alaeueqvruihhtvj73kp1c7trccu
ptag
a.audrte.com/ Frame 8496 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
822a6af08230fa1220e16c061a9a1c9e23a990b0cd0a8714baee588653088835

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 8496 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 03 Jan 2027 08:51:31 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 8496
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D0cd8c63c53c31472
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
date
Tue, 04 Jan 2022 08:51:31 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 8496
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0cd8c63c53c31472%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cd8c63c53c31472&uid=8621192223309356306
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cd8c63c53c31472&uid=8621192223309356306
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b353f056-85c6-4151-890e-073c78e3156e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0cd8c63c53c31472&uid=8621192223309356306
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame F7F4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 5F1A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Jan 2022 08:51:31 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Tue, 04 Jan 2022 08:51:31 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6694 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0cd8c63c53c31472%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68952
expires
Wed, 05 Jan 2022 04:00:43 GMT
date
Tue, 04 Jan 2022 08:51:31 GMT
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 609B 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
connection
close
content-length
35
content-type
image/gif
cmp
spl.zeotap.com/ Frame 4728 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8339b7fb666946-FRA
usync.js
eus.rubiconproject.com/ Frame 5F1A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e8291d4dd56fdf2b9d6ce0f19cb47a2a2bc38edd11c766d847bbc22e387fc54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:51:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43031
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Tue, 04 Jan 2022 20:48:42 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5F1A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
usermatch
ssum.casalemedia.com/ Frame AE2A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2d6c6601406d641a6b39066de4af666aee60cbf09dbe3302ef3be6ab04292d6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
130|206|65|81|13|230|152|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1625
Expires
Tue, 04 Jan 2022 08:51:31 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame DEDA 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 3825 		530 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a62e1fa9150e26dab73609671a73aebd698ecd1049c9d93f74d05aa223bfd3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://sync.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8339b82be16946-FRA
content-encoding
br
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5F1A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Tue, 04 Jan 2022 08:51:31 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1641286291257&cid=6194c0f876cae755cd2701fa&VERSION=4.115.0&AV_PAGE_LOAD_UID=e821b97e-983e-4072-9f1f-984154a0fbc7&AV_CDIM4=e821b97e-983e-4072-9f1f-984154a0fbc7&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mw
mwzeom.zeotap.com/ Frame 3825
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1ed...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6c8339b9afbd6946-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361
date
Tue, 04 Jan 2022 08:51:31 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 3825 		557 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7466bc8e9485030aca11676fbf7c7fd0587636779a3a403cad977acf227e38a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray
6c8339b86c4a6946-FRA
date
Tue, 04 Jan 2022 08:51:31 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 04 Jan 2022 08:51:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cmp
spl.zeotap.com/ Frame 3825 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=7cbe3db7-6f8b-450c-7116-bf575360e3ed&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8339b89d006946-FRA
crum
dsum-sec.casalemedia.com/ Frame AE2A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEVwE7DqBUAAEA02gDEQw&expiration=1642495891&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEVwE7DqBUAAEA02gDEQw&expiration=1642495891&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEVwE7DqBUAAEA02gDEQw&expiration=1642495891&gdpr=1
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sync
ups.analytics.yahoo.com/ups/55940/ Frame AE2A 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame AE2A
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641372691&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641372691&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641372691&gdpr=1
pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame AE2A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=gP01T4ataEib-WNC0v18Ho-vNUibrzAfjv-WkMhD
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=gP01T4ataEib-WNC0v18Ho-vNUibrzAfjv-WkMhD
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=gP01T4ataEib-WNC0v18Ho-vNUibrzAfjv-WkMhD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame AE2A 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame AE2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdQKkURCNwPKNxbaVPHnRAAABIEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJwcVmHtJ_hDg1_qyJ70toE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AE2A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a08e44b-77d4-436b-b780-9bdf7601c0f2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a08e44b-77d4-436b-b780-9bdf7601c0f2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a08e44b-77d4-436b-b780-9bdf7601c0f2
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
um
u-ams02.e-planning.net/ Frame AE2A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=0cd8c63c53c31472&uid=YdQKkURCNwPKNxbaVPHnRAAA%261153
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
server
openresty
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame EDCA
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0cd8c63c53c31472%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.142.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-142-27.compute-1.amazonaws.com
Software
/
Resource Hash
950cce2a2b759e0d8061edb81e7bf6b1782235a26ded00920e4c3605df9ce6a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 04 Jan 2022 08:51:31 GMT
pragma
no-cache

Redirect headers

date
Tue, 04 Jan 2022 08:51:31 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
cc.js
tags.crwdcntrl.net/c/15238/ Frame 8496 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 03 Jan 2022 22:40:37 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
36655
etag
"2b2f816f40499d384e118ce88a266e02"
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
38402
x-amz-cf-id
kh2QCAaUUaAdrgekCWRnsk_BMXqKqtpVGSQ6tBat68JbCd4t7lp95A==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame FBF2 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

server
openresty
date
Tue, 04 Jan 2022 08:51:31 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sun, 03 Jan 2027 08:51:31 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
8fa0b37c-db09-4c93-af46-938fe7975887
ex.ingage.tech/v1/sync/eplanning/ Frame 0D8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/eplanning/8fa0b37c-db09-4c93-af46-938fe7975887?uid=AKq2Kn7oOjAPYjgj
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F8fa0b37c-db09-4c93-af46-938fe7975887%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Tue, 04 Jan 2022 08:51:31 GMT
vary
Origin
access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c8339ba9c723747-MXP
GS.d
js.cookieless-data.com/ Frame FBF2 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fsync.e-planning.net%2F&s=&rand=1641286291630
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 Gennevilliers, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-113.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EDCA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=cbe59a57-31c2-45c7-9dc3-9d6463c35728&expiration=1649062291
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 04 Jan 2022 08:51:31 GMT
async_usersync
ib.adnxs.com/ Frame 0040 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jan 2022 08:51:32 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
14946736-f42f-41d5-806a-5078ecbf491f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ 		197 KB
197 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ec6c533aba412b883ac9e2134e0dc5506d102d9aae57add78336b126e3c832e5

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=810092-1011439

Response headers

Date
Tue, 04 Jan 2022 08:51:33 GMT
Cache-Tag
276070225843454012355768999963740830959,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 810092-1011439/1403420
Connection
keep-alive
Content-Length
201348
X-Served-By
cache-wdc5562-WDC
Last-Modified
Tue, 04 Jan 2022 03:05:35 GMT
Server
cloudinary
X-Timer
S1641268492.658866,VS0,VE1
ETag
"b3a9b6f365a134fb0c9815f0a1715805"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31539740
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1641265506/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1641265404853.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Tue, 04 Jan 2022 08:51:33 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=71037&t=1641286288&cip=185.232.23.180&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=680&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1641286288959-980633797214-007787-003-008465&cha=0.1&stagid=&stplid=&d35=&d36=6.1.2.94&cb=53352261287&cd5=default&cd1=4.115.0&cd4=e821b97e-983e-4072-9f1f-984154a0fbc7&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.231.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 04 Jan 2022 08:51:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
track.adform.net/serving/unload/ Frame 18A7 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=54144004503468078@@46150692,7299684451147843698,0|0|0|0|0|0|0|0|0||0|0|1493|48630176-5590-33f4-b3b6-4b35ef8f58f9_1|||1|0|0|-vX0pLuDBv_SMUkGj62UKlgfvZIjecyWNPDaDtjCtMWD-BI384rUpOpmw3fusJ2y0|||11|0|0@@46150692,5499967954892774188,0|0|0|0|0|0|0|0|0||0|0|1493|8eacaac0-d275-3ea3-b0be-985accb3e25f_1|||1|0|0|-vX0pLuDBv_SMUkGj62UKlgfvZIjecyWNPDaDtjCtMU0umCaroDeCOpmw3fusJ2y0|||11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:33 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel.gif
iponweb503341958152.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iponweb503341958152.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5099&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetruedefender.com&L1id=fmx&L2id=fmx_257618&L3id=thetruedefender.com&L4id=1&S1id=display&S2id=2&ord=1641286288542&r=574441350694&t=page5&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthetruedefender.com%252Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatImpID=e7560484_69d3b647-556f-4a0f-b118-66540bc7daad&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:34 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=0&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=IPONWEB1&ol=3959127750&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUHxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-JQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fthetruedefender.com%2Fcdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19%2F&id=1&ii=4&f=0&j=&t=1641286288542&de=574441350694&cu=1641286288542&m=5717&ar=cc97a930ec1-clean&iw=599bb36&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9129&le=1&lf=135&lg=1&lh=32&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1545%3A1545%3A3634%3A1632&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5099&cd=158&ah=5099&am=158&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=fmx%3Afmx_257618%3Athetruedefender.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=195926&na=1039986533&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jan 2022 08:51:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jan 2022 08:51:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

272 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| tieSkin object| html string| htmlSkin undefined| tieSkinInverted string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| ExactMetricsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| exactmetrics_frontend object| gaplugins object| gaGlobal object| gaData function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| FullworksAntiSpamFELO object| Insticator object| header boolean| mnIsDark boolean| tnIsDark object| ldAdInit boolean| jQueryScriptOutputted function| initJQuery object| _peq object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| JetpackInstantSearchOptions object| webpackChunkwebpack object| wpcom object| _tkq object| _stq object| jetpackLazyImagesL10n object| tie function| tieFlexMenu function| tieLazyLoad function| tieTabs function| tie_animate_element function| tie_animate_reviews object| $doc object| $window object| $html object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| scrollBarWidth boolean| mobileMenu object| emergence object| browserPrefixes boolean| is_boxed_layout boolean| megaMenuAjax object| Modernizr function| TieSticky object| $the_post object| $postContent object| addComment function| loadCSS string| c object| jeengConfig object| core function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng function| st_go function| linktracker_init object| _ldStickyConfig object| InsticatorXmess object| php_js number| distance number| time object| animationAction object| _peSd object| _peD object| _peE object| _pe object| _ldAdIdMap object| InsticatorApp string| insticatorHeaderCodeVersion object| googletag object| instBid undefined| isChrome undefined| stackLineNum undefined| stackLineString undefined| errorLoc undefined| errorMsg object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant object| _mgIntExchangeNews object| MarketGidInfC1229983 function| MarketGidCContextBlock1229983 function| MarketGidCMainBlock1229983 function| MarketGidCInternalExchangeBlock1229983 function| MarketGidCRejectBlock1229983 function| MarketGidCCriteoBlock1229983 function| MarketGidCInternalExchangeLoggerBlock1229983 function| MarketGidCObserverBlock1229983 function| MarketGidCSendDimensionsBlock1229983 function| MarketGidCRtbBlock1229983 function| MarketGidCIframeSizeChangerBlock1229983 function| MarketGidCContentPreviewBlock1229983 function| MarketGidCResponsiveBlock1229983 boolean| mg_loaded_674711_1229983 function| _mgLib1_11_65 function| _mgwqp object| MarketGidInfC1229464 function| MarketGidCContextBlock1229464 function| MarketGidCMainBlock1229464 function| MarketGidCInternalExchangeBlock1229464 function| MarketGidCRejectBlock1229464 function| MarketGidCCriteoBlock1229464 function| MarketGidCInternalExchangeLoggerBlock1229464 function| MarketGidCObserverBlock1229464 function| MarketGidCSendDimensionsBlock1229464 function| MarketGidCRtbBlock1229464 function| MarketGidCIframeSizeChangerBlock1229464 function| MarketGidCContentPreviewBlock1229464 function| MarketGidCResponsiveBlock1229464 boolean| mg_loaded_674711_1229464 boolean| _ldStickyRendered object| _mgq object| MarketGidInfC1229463 function| MarketGidCContextBlock1229463 function| MarketGidCMainBlock1229463 function| MarketGidCInternalExchangeBlock1229463 function| MarketGidCRejectBlock1229463 function| MarketGidCCriteoBlock1229463 function| MarketGidCInternalExchangeLoggerBlock1229463 function| MarketGidCObserverBlock1229463 function| MarketGidCSendDimensionsBlock1229463 function| MarketGidCRtbBlock1229463 function| MarketGidCDiscountBlock1229463 function| MarketGidCIframeSizeChangerBlock1229463 function| MarketGidCContentPreviewBlock1229463 boolean| mg_loaded_674711_1229463 object| __connect function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT string| partnerName string| key function| instBidChunk function| lightboxjs function| lightboxlib object| onClickExcludes function| mgReject1229983 function| mgLoadAds1229983_0e1c7 function| MarketGidCReject1229983 function| MarketGidLoadGoods1229983_0e1c7 function| mgReject1229464 function| mgLoadAds1229464_09944 function| MarketGidCReject1229464 function| MarketGidLoadGoods1229464_09944 function| mgReject1229463 function| mgLoadAds1229463_00312 function| MarketGidCReject1229463 function| MarketGidLoadGoods1229463_00312 function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint674711 string| _mgPvid object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery1710650231283072455_1641286287631 boolean| _mgPageView674711 function| LoadCriteoAllPlaces1229983_0e1c7 function| LoadCriteoAllPlaces1229464_09944 boolean| i.js.loaded boolean| i-noref.js.loaded object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| LoadCriteoAllPlaces1229463_00312 object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| __EXCO string| pbPageIdentifier object| jQuery1710650231283072455 function| Hls object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_10155879 function| av_sciv_hndlr1641286288645 object| storageAni object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall object| _mgwcapping boolean| _mgPageImp674711 object| BrandSafetyNadoscallback_10155879 number| google_global_correlator object| closure_lm_910394 object| ats

90 Cookies

Domain/Path Name / Value
thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19 Name: exco-uid
Value: s6bm5qjpb0zmha4e
thetruedefender.com/ Name: PHPSESSID
Value: 1d0bbd4aa5788586fcff2696c39932bd
.thetruedefender.com/ Name: _ga
Value: GA1.2.2051100181.1641286287
.thetruedefender.com/ Name: _gid
Value: GA1.2.1668156097.1641286287
.mgid.com/ Name: __cf_bm
Value: 4dqoTEPudPww0ahWP.o4n.4loh.LdpyugHg3z.S29SE-1641286286-0-AaQDhOyo1iYqwvVBzwbk8MyeJBogrnHLMQ3SpSrn+X0SJ29sX+YPoo+dpo4ybWmbXoRXGFqn5DhgYZoyezZwsM8=
.thetruedefender.com/ Name: _gat_gtag_UA_186892928_1
Value: 1
thetruedefender.com/ Name: InstiSession
Value: eyJpZCI6ImZlNjU3Nzc1LTRjMjYtNDYwYy04NTMzLTI1ZDM0NTc3NzljNyIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.thetruedefender.com/ Name: tk_ai
Value: 7Qi7yfxw9FdyOEzBRemIWDEn
thetruedefender.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.thetruedefender.com/ Name: _pubcid
Value: 373aa896-2215-474d-893d-677b6105f443
thetruedefender.com/ Name: plsVisitorGeo
Value: DE
thetruedefender.com/ Name: plsVisitorCity
Value: Hessen
thetruedefender.com/ Name: ucf_uid
Value: c687d2ce-49d5-4cad-9fcc-0daa2d7dcce4
thetruedefender.com/ Name: hb_insticator_uid
Value: 8fa0b37c-db09-4c93-af46-938fe7975887
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AKq2Kn7oOjAPYjgj
.go.sonobi.com/ Name: HAPLB5A
Value: s56128|YdQKk
thetruedefender.com/ Name: cto_bidid
Value: _jCow195TVRLdTVLbXZvJTJGeGZoZkVmJTJGZ01kOElYS1EyU0dKUkpoViUyQm5wWnRyRDhiMkZ1ZTlYSHZwaVFmVEljb0xucWNTUzYxa0R3QkZ4T3clMkZlOWltZG9YMVJ3JTNEJTNE
thetruedefender.com/ Name: cto_bundle
Value: 2gdTH19UdWJVdWFFV0JDbTA0UGNpVlYycnVWOVBVS0duenRkWm1tZFdNVkwlMkZFb2NTYnpKSFkzV0hOY21FRlY0eUh5TlF1b01EZGtVbEd2RHNPRTVCdHJETXVPJTJCQ1gwVnJHc3JqbTA3S2VyZG1CWnhkODN4WFpXUVdSQTY1REUwR3BoRTQ
prebid.a-mo.net/ Name: __amc
Value: 1_1641286287_1641286287
.aralego.com/ Name: sspid
Value: c687d2ce-49d5-4cad-9fcc-0daa2d7dcce4
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/ Name: muidn
Value: m04rNL6QY1P0
.thetruedefender.com/ Name: _gat_Insticator_Embed_v4
Value: 1
.bidswitch.net/ Name: c
Value: 1641286288
.bidswitch.net/ Name: tuuid_lu
Value: 1641286288
.bidswitch.net/ Name: tuuid
Value: c6abe74c-e537-488e-bb99-f0b4a83e6663
thetruedefender.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1229983%22%3A%7B%22page%22%3A1%2C%22time%22%3A1641286287743%7D%2C%22C1229464%22%3A%7B%22page%22%3A1%2C%22time%22%3A1641286287749%7D%2C%22C1229463%22%3A%7B%22page%22%3A1%2C%22time%22%3A1641286288103%7D%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 54144004503468078
.adform.net/ Name: TPC
Value: 1641286288411
.lijit.com/ Name: ctag
Value:
.aniview.com/ Name: aniC
Value: 1641286288959-980633797214-007787-003-008465
thetruedefender.com/ Name: _lr_retry_request
Value: true
thetruedefender.com/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMID
Value: YdQKkURCNwPKNxbaVPHnRAAA
.casalemedia.com/ Name: CMPS
Value: 5202
.casalemedia.com/ Name: CMPRO
Value: 1153
.adsrvr.org/ Name: TDID
Value: 78aaf8f4-e3ea-4839-93a2-b29fd5b0abda
thetruedefender.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2278aaf8f4-e3ea-4839-93a2-b29fd5b0abda%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-04T08%3A51%3A29%22%7D
.thetruedefender.com/ Name: panoramaId_expiry
Value: 1641372689219
.spotxchange.com/ Name: audience
Value: 81fef679-6d3b-11ec-b2e7-180e33a50006
.simpli.fi/ Name: suid
Value: 09064F370D114006A5F586E0FAF1CFC9
.doubleclick.net/ Name: IDE
Value: AHWqTUm06x-kgRWXh5O54O9NJHyGAUtZ8YAAWdu7jrzoRS-Un5qQ0aZ5hEpLXdb8fWQ
.aniview.com/ Name: 2_C_42
Value: YdQKkURCNwPKNxbaVPHnRAAA&1153
sync.aniview.com/ Name: 2_C_42
Value: YdQKkURCNwPKNxbaVPHnRAAA&1153
thetruedefender.com/ Name: _lr_geo_location
Value: DE
.casalemedia.com/ Name: CMST
Value: YdQKkWHUCpMA
.zeotap.com/ Name: zc
Value: 1ed621f7-c6cf-4c89-768a-0b1572265343
.adnxs.com/ Name: uuid2
Value: 8621192223309356306
.a-mo.net/ Name: amuid2
Value: 52007b0a-9807-417d-b305-ae354576cd36
.lijit.com/ Name: ljt_reader
Value: 504a5ab2437c2d3fd31d0010
.mathtag.com/ Name: uuid
Value: 15b961d4-0a93-4000-9579-d9ee48656320
.tapad.com/ Name: TapAd_TS
Value: 1641286291176
.tapad.com/ Name: TapAd_DID
Value: ff3bc3d3-e676-4d04-bcea-70326c132102
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwj-zMemxNqnOhAFOAFaBzJ4bGdyemxgAg..
.adfarm1.adition.com/ Name: UserID1
Value: 7049270943221151891
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.weborama.fr/ Name: AFFICHE_W
Value: 3jtyy@XWsOve45
.turn.com/ Name: uid
Value: 2488044011064200694
.yahoo.com/ Name: A3
Value: d=AQABBJMK1GECEKhCTlRRzXBw914gF00_AtUFEgEBAQFc1WHdYQAAAAAA_SMAAA&S=AQAAAmhd1SstCYrdk0PNOHCBJ-g
.zeotap.com/ Name: zsc
Value: %E6%216%22%8C%E0A%B0%CF%7B%260%0B%98%F2%C0%A4%1F%2A%AE%8F%9DL%5D3%189%D1%EB%CE%AD%15%ED%27%F6s88%BA%94%5B%B3%7B%DF%EE-D%3B%E3%8A%D3%D4%5B%24%A2.%F2%DB%3A%C1%3A%BDw%25%F4lo%E7%86s%9A%E9%9B%EF%2A%DF%7F%24%BE9%00%0EI%E1%12%F7%15%1E%E6%FA%BD%9F%07%DD%91%EEMC%C6%F7%90cv%EC%238y%F6%D1h%3B%CA%12%22%92%21%18%E9S2U%96%CA%90L%D5f%D4%C3S%E3%17%1B%ED%95%BB%8B%9F%23%B3qHM%05%88%F3W%D6%7F%D3%F2%1A%CD%E6%9B%14%A6h%2F%8C%93%14.b%7D%8E%0D%D5
.theadex.com/ Name: axd
Value: 4282066706276066161
.theadex.com/ Name: tis_rgL
Value: rgLeAsAv
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.richaudience.com/ Name: avcid-zeo-uid
Value: 1ed621f7-c6cf-4c89-768a-0b1572265343
.demdex.net/ Name: demdex
Value: 69806896475093252952859301937886538118
.owneriq.net/ Name: si
Value: Q6945726911317896488
.owneriq.net/ Name: p2
Value: cc
.agkn.com/ Name: ab
Value: 0001%3A13LW5IwDt%2BB4S5CcpxXl%2BoJgMf2x9XQK
.dpm.demdex.net/ Name: dpm
Value: 69806896475093252952859301937886538118
.admanmedia.com/ Name: admtr
Value: f0bc023a27acfe141395e0e1a465f2441f0411f8
.quantserve.com/ Name: d
Value: EFEBDQGPJbjvsQA
.quantserve.com/ Name: mc
Value: 61d40a93-529d1-e9cd3-cad83
.sportradarserving.com/ Name: zuuid
Value: 65bd5450-c8ff-4d8c-9185-1bbad3b5b269
.sportradarserving.com/ Name: c
Value: 1641286291
.sportradarserving.com/ Name: zuuid_lu
Value: 1641286291
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1641286291
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.tidaltv.com/ Name: tidal_ttid
Value: 350a5d6f-5747-48ce-834d-8ef97b0cf090
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0srQwtzK0MAIA8e8PuwkAAAA="
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdQKkwADBBBufQAm
.bidr.io/ Name: bito
Value: AAEVwE7DqBUAAEA02gDEQw
.bidr.io/ Name: bitoIsSecure
Value: ok
.aralego.com/ Name: gdpr
Value: 1
.krxd.net/ Name: _kuid_
Value: OlMcKTGA
.eqads.com/ Name: EQUser
Value: UID=cbe59a57-31c2-45c7-9dc3-9d6463c35728
.fwmrm.net/ Name: _uid
Value: "e3227_7049270943218737633"
.casalemedia.com/ Name: CMRUM3
Value: f161d40a9105a0&2861d40a932760cbe59a57-31c2-45c7-9dc3-9d6463c35728&0d61d40a9305a0&2e61d40a9305a0&1f61d40a9305a00&5a61d40a9105a0&0461d40a9305a0&5161d40a9305a0&c461d40a9305a0&8261d40a932760AAEVwE7DqBUAAEA02gDEQw&2761d40a910b40&5861d40a932760YdQKkwAC-9K4CgAF&e661d40a932760&4161d40a9305a0&0361d40a93276015b961d4-0a93-4000-9579-d9ee48656320&9861d40a9305a00&ce61d40a9305a0&ee61d40a912760&2d61d40a912760CAESEIF8diqlcGNvGivauQCxm2w&4961d40a9305a0

6 Console Messages

Source Level URL
Text
javascript error URL: https://thetruedefender.com/cdc-withdraws-use-of-pcr-test-for-c-19-and-confessed-it-cannot-differentiate-between-the-flu-and-c-19/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=88' from origin 'https://thetruedefender.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YdQKkURCNwPKNxbaVPHnRAAA%261153&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1ed621f7-c6cf-4c89-768a-0b1572265343&reqId=4052e7a0-acb1-4f97-6e33-ff5f9b401d17&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
atrack.avplayer.com
ats.rlcdn.com
auth.instiengage.com
aws-fr-sync.bidswitch.net
aws-fr.bidswitch.net
b2c.insticator.com
b2c.instiengage.com
bcp.crwdcntrl.net
beacon.krxd.net
biddr.brealtime.com
bn01.er.bemail.it
c.mgid.com
c0.wp.com
c1.adform.net
casale-match.dotomi.com
cdn.aralego.net
cdn.mgid.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
ce.lijit.com
clientcdn.pushengage.com
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
cms.analytics.yahoo.com
cms.instiengage.com
confiant-integrations.global.ssl.fastly.net
cs.admanmedia.com
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
ex.ingage.tech
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.optad360.io
get.s-onetag.com
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
iponweb503341958152.s.moatpixel.com
js.cookieless-data.com
jsc.mgid.com
lightboxapi.azurewebsites.net
loadeu.exelator.com
lockerdome.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
mcd.ex.co
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
prebid.a-mo.net
premiumsrv.aniview.com
product.instiengage.com
protected-by.clarium.io
pubads.g.doubleclick.net
public-api.wordpress.com
px.moatads.com
px.owneriq.net
pxdrop.lijit.com
rtb.openx.net
s-img.mgid.com
s.amazon-adsystem.com
s.e-planning.net
s0.2mdn.net
s1.adform.net
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
servicer.mgid.com
signal-beacon.s-onetag.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.instiengage.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.adotmob.com
sync.aniview.com
sync.aralego.com
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tag.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
telemetries.jeeng.com
thetruedefender.com
token.rubiconproject.com
track.adform.net
track1.aniview.com
trc.taboola.com
u-ams02.e-planning.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
users.api.jeeng.com
vap3ams1.lijit.com
video-native.mgid.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lightboxcdn.com
www9.smartadserver.com
x.bidswitch.net
z.moatads.com
api.rlcdn.com
sync.adotmob.com
104.109.78.125
104.111.233.227
104.111.242.53
104.154.142.214
104.17.119.107
104.19.133.78
104.19.135.78
104.89.42.102
108.157.4.71
13.32.99.35
141.95.3.40
142.250.185.130
142.250.186.34
143.204.98.111
143.204.98.115
143.204.98.71
147.75.38.124
15.197.193.217
150.136.26.45
151.1.205.165
151.101.193.108
151.101.2.132
151.101.65.194
151.101.66.49
162.210.196.208
168.119.149.178
169.50.137.182
178.162.133.149
178.162.133.150
178.250.2.146
18.156.0.31
18.159.117.129
18.159.168.223
18.170.15.31
18.198.122.33
18.198.69.109
18.208.104.24
18.235.17.58
18.66.112.48
185.29.134.248
185.33.220.145
185.33.221.15
185.64.189.112
185.64.190.78
185.86.137.114
185.94.180.124
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.23
2.16.186.146
2.18.233.180
2.18.233.201
2.18.234.21
2.18.235.40
2.19.35.65
20.40.202.0
2001:678:cb4:bbbb::11
212.129.3.113
212.82.100.182
213.19.147.42
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
2600:9000:211e:e200:17:5bae:c7c0:93a1
2600:9000:2156:1a00:a:cbb7:a940:93a1
2600:9000:2156:8e00:6:b871:4f00:93a1
2600:9000:2156:9600:b:6268:b880:93a1
2600:9000:2156:ec00:11:a4de:2580:93a1
2600:9000:224a:e00:1c:386f:ec80:21
2600:9000:2315:4200:10:3422:3f00:21
2600:9000:2315:9000:9:78a:e540:93a1
2606:4700:10::6816:39ae
2606:4700:10::6816:b7
2606:4700:10::ac43:db6
2606:4700:20::681a:567
2606:4700:20::681a:942
2606:4700:3031::ac43:d645
2606:4700::6810:50a5
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9a
2a02:2638::1c
2a02:26f0:6c00:2ab::2c79
2a02:26f0:ef::5f65:4d5b
2a02:fa8:8806:20::2010
2a03:90c0:41:2801::254
2a04:4e42::300
2a04:fa87:fffe::c000:4902
2a05:d018:24:b001:c4d3:9642:4a9c:6d1c
2a05:d018:d29:3602:74fc:7750:9e36:ae36
3.120.57.46
3.123.92.70
3.212.173.197
3.216.170.81
3.89.94.83
34.120.247.19
34.149.20.76
34.200.60.187
34.224.231.98
34.246.74.180
34.98.67.61
35.157.4.27
35.174.233.127
35.175.96.225
35.201.81.244
35.227.248.159
35.227.252.103
35.244.174.68
37.157.2.235
37.157.2.237
37.157.6.235
46.249.52.248
5.178.65.245
5.178.65.252
51.178.20.139
51.89.9.252
52.208.103.128
52.210.199.144
52.213.98.175
52.46.130.91
52.48.101.48
52.49.38.161
52.73.58.202
54.172.19.43
54.208.142.27
54.239.37.45
65.9.58.37
66.155.71.150
67.202.105.23
69.173.144.138
69.173.151.100
72.251.249.14
72.251.249.9
75.101.235.47
8.2.111.142
85.114.159.93
89.163.159.104
02810e956d84641218d016effe7678e6029cf304707c5adb1850eed9f196eeb6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
065a72457e105102f8a17ce715d02d3d803bd7ed05a9acad86a7b17fa6231a6f
0677838df5aca9aebc1b1ffc45487931107a47f714ee880e7eb3cba29d4aced1
09fa34da7cec5d858d80284c9af6471ccabff92d300773348163f66ae5d092b8
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0d2307ec012442cce1d50ea7f669e8cd990b528e1d5d1e745d9a01f8e6314ef7
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0ebe8323819179f7e6f9cf8210689f29381980b1b16f7c887b2541b1db27c231
127af483872f885ce78fc10c826d0368b4918bf70baccfafdb6e7c31713f5f5c
13c54512e0580d6f45587d9407dd0503aaaf6e825705b2c91bfbef83b1aabd3e
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
144dc8356ddfa157a0f63fd00a3cbc33f41d367297925cc7f08a5c6a57410249
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
150d23aa61516aa3cf835518a4e9437b39809b925983a8c8808246af54ad79ce
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
16ea4453208788be7a92faae3fc0399addf819b44cc14228608a68c30d3fd26f
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
2027125ba73adc31e16ccbc439fcbd81452b0337d22c7fcd6a492e3890f4a6b4
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20d5792833082d0f85e2f04c42639163756afb385c0e4cf69b2e19139a2314d2
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2365a1c4415706420a899a6efbeda8aa7aa1567a7d35f9eb9b67f79628d0d08e
258c3c8991ced4ff294714e8e52d949478b0e181adc508824e00b439e16b8921
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
274e9f59c686dc91b4c110341a53a8514d40629fa9e9ea32ba7118d6f23b022e
28c5750333e485101eb81fe2c330bbcfb26a51291bdabd15c26223d716e1f8a4
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2b7b08df59ef8bf3dac35d902712b14ad16a76068cb3e5949bb066e09adddc6b
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2d6c6601406d641a6b39066de4af666aee60cbf09dbe3302ef3be6ab04292d6e
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fd05863522b536607f8b669ad1ebe934ad487cb8252a4f6bb9f44931681cbd9
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
317fd46455fbc48eb6bfc26d007e6ccde63bc827e228fd43dfedd3b763afc7cd
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36924f7449ae9cf1935fdba5aa63868a40888c8a1d92157d1fa64cdf005df47c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38fe6cfbde5b18ce416177a64e004c422e5dbf91e757c0c58c68c92439a31f73
3d17817c1ea0611ea15af93023466823589e08ea692112c57f6c44b0a3cd77e1
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df455678f8ecfc0a47e0862159525199b376676d4876ff118f9d1c3bd7b62cc
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4066c90f570d82554427cb534ec0d886d569f53c9d5b06fae0ac41a10061c913
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46480d7c4b292a057462dc9b7c854504a5807063e2788de35245b56b7385b4b6
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
4759d13585e49798f68b3fad54d819720f7189d954915b828b728b4036525c3c
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb
4e6cb0f5e2652428d28bc89a7ee2bbb5bff7f695539f18b381b1ce1421691737
4efac6221aec4856fc727a6d78317aade65bfe7c4db3513fd1b4a39e96874da6
5079a5f622e56fb5ffb7dc33e18e18f7ea375afd14fbf7bfe038749658ac5cb5
50803e8866e13bcb855c543d26af18d7446c84ea73137931c16d431610095a72
543579c351980562d0f25e1ad5b68b42295e3eadf2c79ca1fdd0b87a38a7225e
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
55acebb47572b66922405ebf9181dadf4a7769065ee267bf946790bbdcb1e060
5689a5d4d64d87ca4c59bfcdd22f3e33d45906909d12611f80f3ba01df777d48
57f12b132699d37ffc44ba1c3b4af922cfed01212b24539fe14ba59c4a8c5827
5859837fba51b1126389a100aced2376dfd92575dc415a26247b994f4d828078
5a355cc5b928f3705ffc380136d08450674155fec7812136c30b1094d086b191
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5dc7d5c866f5fa13297461243c843c6bc60da7a8a81496dc4c13881308dbfc55
5eaddb09f331de307e587736737c57d129e68160aa2f6bab695635d054155ec2
5eb46dfb05ef6f27ac56735d107ac4a52569f68e8ea76fcdacbe7a543754ce6d
6067c93cbb06e7c93cf43f265b9f541fcd7c499d2aa68b676726627b0f4d4f50
61592100d3a35933fdb0d11ace2195e438821177da3f5c653005d1347122c380
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62136b040d60565d9d000be01d1bc5b4099fa4e725baf14f207138be1a20634d
62f74e17624065f7d697afc86850bca0c9002371903ba73b5db27a70d1357c56
6400110d901dd6fea8969702f4ebbc3615aef26cdd399b279dca430da431b799
65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
698b37e777435df85f3c395e800ea21013c583a75b7f3939973519f1b1d16728
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
69a653da847c5684892ff44a188fa4d113aea5723a82e8e4b324b4946efde758
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af1450648f20f17fc45444c15728cacd9214b9f7ce41c02ab1d6cddb3b466c8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c125c2cd698835d8e25d23769e3c58645b59ac951d7e04d940c89928085c865
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6db53035915bc97c6b3f3617171d976ff4478e060426db6061b404a1e8321389
6f6eeba7d41a74f215acdecfb35980cdf37fbba10119b999992fb4f79e9cd16e
6fa809d7dfabbc5894008b2860a975909c5e75e5eea74d95ee2cf5f68f955dab
71ff347b718f921dccea0aa5a74a83dc47dd0f6d282fa496a9a2666c3dc72c9b
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
7466bc8e9485030aca11676fbf7c7fd0587636779a3a403cad977acf227e38a4
74ea4323119d2cca8e06e14e1bcaf5a9fd3deb72abae95b0d5e40cf4c6ed3028
76419850b28c02d07aac8b35367fc514dee9e67666b5de7ac5507fb3044c8437
765661793eccdb0143ec5e65044bf8dc5189794c7f2cd9dd7e6f26d973ad6a28
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
796cec06ffa8e443daa212746833ef3e0f04304e75edc1c3d213644bab554177
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7bcaaa6c08a536b218722578e5daa4dbdcc4fd030c8ced158850367fbc513b90
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7e19248dc1db3bf63e09be8134fbdd069e786e5c5156d95ad9ab9f14bcc87216
7e7637b93a3d36d854b1f8ef67c93a8aba841ab9717347f1374a5651e5f345df
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6
8121d8c18714f80a7c0355a59b6103d3d3b977205a15102e1c6357cd6e370006
822a6af08230fa1220e16c061a9a1c9e23a990b0cd0a8714baee588653088835
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
84ce7903d938e7354183e90e6494a5f52749f8fb7a6a432224b87df818919db2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
870ede092e06e98814bac272a1184df0320c010282aa2e3402854d4183a7c599
873671051fb6aa40481649af91d8f0902d94cff27266ec5deba3cd084255b43d
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
888afa7d08220092b0c5c29bfccd822fe5ff96130a52bab449d8b124ab6803e4
8b3b37529eec967651bdd54c5fb89a642841eea6ea8907f76c2fdc2fac10df54
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d0ed92a6defdca86f9018c8b5b920af2232d0c47f0b08a3bafa01ba009a583a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8291d4dd56fdf2b9d6ce0f19cb47a2a2bc38edd11c766d847bbc22e387fc54
91ee239687f47cfd398414ca4ce4a50014ec75ce6e0085aa8b4640b72293e32c
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
9288eb64577208c33af8319f44f217a7079f59e28a21bc86d1bef6ae0432d359
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
946cb6b6bf4a0aa2e2a5c106687b9b61ef8a10a376d8761ab6004df3e3bb47a0
94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6
950cce2a2b759e0d8061edb81e7bf6b1782235a26ded00920e4c3605df9ce6a7
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1949aedbf6964387c7d829ac236561f21b19908617c6b4343016e89e3bb7d56
a29f6b1c161c732bfbb78a1cf4b1802997ad6fd7e2d88089c5a0810fb825b398
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc6696aa07f6d30c40b78120630256a4dc0253fa916d6f8662874c52c31bfb
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a7eeaf3b2d4b426182fd11a371d5e40f4b0841203ce06493d41e05cdc7949356
a8ef9f7d27bb98e433779677626afd16bd2073d9af643a18dda1b4daa5223222
a9d4e9313a233aef04123c99c7f444fec1f30a40c2ed883935e9e4fd5b7684e3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aac8b62de57512270a81246d51d63e227f7e33941c3f02ca5ba8d09e57d07f33
aad7e707195e7658160baa3533e5792e4556ff8437479694372df64340949d2b
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ac0bd9ccf76dab801b622a469ce0fd0959a1b359f3eae79c0c8d816285014ea2
ac6de49956db9b5f8bf923e89703b8da48202c1fb756a1388d69021f49477a9e
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8610e44e8506e2be7615782cd4b6c9ec1b971392944bc62a2a0747a0c3c1c4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2539f6f9db483523855e6d68398dae5941fd59c5996bf93043abdc91b320d25
b29ef9c5435338729cb9e7cc5807b5a54390ca0d95cd5e57ba42c35aa1d70f73
b2fc98434f7d83aae9f8ff231b335d68afa7fa5962c78b128d4f5ae569a97ede
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
c1cf26a25365c6e727301ebd9f54b5ae78a90e75d303b11965dea78a53cf0791
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3061fc5c79e2cf7d042c38f65a0b2f6f5dc0dc69bf9e23a701408c377db2ed3
c3372afc57b6c3cbc817b01d0aa4690b372cb55c6021266048ebef5141fd87b3
c99b41e7d1526794ed3793c08b551e49dba7f00639c6e26ff11775db8ccba94f
cb6572a0738277ca7d152fcc9f00b7b04d270c84ce466da41884efa11b5352d0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd369a3da69be23d0a862675c6ee71e362404efc35c0c6d8fc8ab2881a01a00f
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf59871c87ce926991eb9b430d0ed68972fab10078e539342186fb4986066c6b
d0bbec4952c7ae822cea69d5b2017f521dc7c543331d29fee3487a71cbeb09b1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1d1159b19e8ddffae8dd69cd2af6ba630082dc30a3da0ad4b5366c4e5a81d0d
d35e1c057e26849dbf777e7f8d5baec6ad67a3a0305a6d24045c38d9bf037758
d4587b41854ad9a6da58ebcdafa01d426d1f8945810c656891cda431603a567e
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d632aa827f2a336ce5d2c49cc650a79df0980ba157949a9579693403ab724ff0
d81207b18eacfc53d1382830982568a2270fbeeb4928eb95c26f0bd75cbb2335
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
d96f1ea31229457e5c813aabdcee8aff59a9d7caa01053dd613b275686f2e1cb
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
db1d7caa12644f684c81f53e9d5fe1c295f0184c612b7433fd3c8f0df2fb5c65
dc027f2c4edbc70d2839f0b120e3d20efb0052f03de66f0e562a4d3cccbe0915
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd6f6dd363a64823cd9ef99b97becaf5e8cc29b89f6b620f70a46b68b9d53803
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e6fcd6bcc165def5d7e6a10390a3be7bcbad42dbede13c4d16b4e5ea9dd99
dfb86c8635e10135e1dd83eca724042accea2209434a6b189d2475842df2228e
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e44c10df7bc0fa5bd8b4b2f6a8a8d4cbdcb2c162b2e8ec725ed77770f8e09006
e70c3df34821b301afd098f37b2f4005b326495db887d875b0aeaa641f5e72bc
e7e7b7b5a058930a53c3e2b86ecd46b60a40a6cbdc4adc354f48b0ce205d7b55
e81592bd7e81cea6edbabc4d7707549124be3880882b15706dfb16cce4382f35
e82dca79ce680ae96c0e8b76b86658a739b6c1685c2a88f0355ede2b82fa1c83
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e905c066c86990edffd66350e30796b4795df204c7733d1160fcbed40eaa8549
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec6c533aba412b883ac9e2134e0dc5506d102d9aae57add78336b126e3c832e5
ecbdc9f1e55d45f2d3bc54332fb50391b3a3bd543e8d8d74af48994d0a471aff
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4ad03f915f1e076b83dbd5a6763ddf515db952f313322c91ddd65b5375e813d
f4c2d8fe51d1b04b0b3a52eb78912c187ab47689c39d144200f4ba6a479e8d09
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5a62e1fa9150e26dab73609671a73aebd698ecd1049c9d93f74d05aa223bfd3
f5fbe9ba88d92aaa1bd6b215881e3a4e52ab4af2138d1907c2b84d28adfbe487
fb17381f3d610dd4fa9e72b50ba423535ba01da0df2af8bfe690f8f8c9dc9171
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc95f9573545bb30227f96003e963175244316e7d027043423a2e41686cb4119
fdbe7e42d96d1476bde4b72f38c68734ce4e660b561e4470c32d570d6ced774a
ff033508b8624a0129f8ea258ac6173094026133ce8bc8a33aeb7bddcf7ab33d
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c
ffb8361ac74b44594df15cc14343b75e4e55b7f23338179b27b5a56ef93eff6f