darkagedefender.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://su8x0h.jlnk2.com/
Effective URL:
https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheW...
Submission Tags: falconsandbox
Submission: On December 01 via api (December 1st 2022, 11:12:57 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 16 domains to perform 48 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is darkagedefender.com.
TLS certificate: Issued by GTS CA 1P5 on November 30th 2022. Valid for: 3 months.

This is the only time darkagedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.235.214.191 18.235.214.191	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
1 1	54.221.161.229 54.221.161.229	14618 (AMAZON-AES) (AMAZON-AES)
14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	94.130.239.232 94.130.239.232	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.206.118 52.222.206.118	16509 (AMAZON-02) (AMAZON-02)
2	44.239.41.64 44.239.41.64	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	18.233.198.198 18.233.198.198	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	174.129.204.243 174.129.204.243	14618 (AMAZON-AES) (AMAZON-AES)
2	188.40.221.212 188.40.221.212	24940 (HETZNER-AS) (HETZNER-AS)
2	88.198.209.125 88.198.209.125	24940 (HETZNER-AS) (HETZNER-AS)
48	18

1 18.235.214.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-214-191.compute-1.amazonaws.com

su8x0h.jlnk2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.123.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

mozonsion-musestuff.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.161.229 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-161-229.compute-1.amazonaws.com

dbhtrkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

darkagedefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.239.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cache-07.pushwoosh.com

cdn.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-118.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.41.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-41-64.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.233.198.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-198-198.compute-1.amazonaws.com

175132.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 174.129.204.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-204-243.compute-1.amazonaws.com

175132.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.40.221.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: kubeapi-nue.pushwoosh.com

cp.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.209.125 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: r3-front-17.pushwoosh.com

redhotm.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	darkagedefender.com darkagedefender.com	307 KB
7	pushwoosh.com cdn.pushwoosh.com — Cisco Umbrella Rank: 41540 cp.pushwoosh.com — Cisco Umbrella Rank: 49492 redhotm.pushwoosh.com — Cisco Umbrella Rank: 342305	131 KB
6	gstatic.com fonts.gstatic.com	96 KB
5	hyros.com 175132.tracking.hyros.com — Cisco Umbrella Rank: 731740 175132.t.hyros.com — Cisco Umbrella Rank: 754330	35 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2728 api.amplitude.com — Cisco Umbrella Rank: 1428	20 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 296 fonts.googleapis.com — Cisco Umbrella Rank: 37	8 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	203 B
2	google.de www.google.de — Cisco Umbrella Rank: 6168	612 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 134	112 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	55 KB
1	dbhtrkg.com 1 redirects dbhtrkg.com — Cisco Umbrella Rank: 701462	963 B
1	mozonsion-musestuff.icu 1 redirects mozonsion-musestuff.icu	664 B
1	jlnk2.com 1 redirects su8x0h.jlnk2.com	331 B
48	16

	Domain	Requested by
14	darkagedefender.com	darkagedefender.com cdn.pushwoosh.com
6	fonts.gstatic.com	fonts.googleapis.com
4	175132.t.hyros.com	175132.tracking.hyros.com
3	cdn.pushwoosh.com	darkagedefender.com
2	redhotm.pushwoosh.com	cdn.pushwoosh.com
2	cp.pushwoosh.com	cdn.pushwoosh.com
2	www.facebook.com	darkagedefender.com
2	www.google.de	darkagedefender.com
2	www.google.com	1 redirects darkagedefender.com
2	connect.facebook.net	darkagedefender.com connect.facebook.net
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	api.amplitude.com	cdn.amplitude.com
2	fonts.googleapis.com	ajax.googleapis.com darkagedefender.com
1	175132.tracking.hyros.com	darkagedefender.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.amplitude.com	darkagedefender.com
1	www.googletagmanager.com	darkagedefender.com
1	ajax.googleapis.com	darkagedefender.com
1	dbhtrkg.com	1 redirects
1	mozonsion-musestuff.icu	1 redirects
1	su8x0h.jlnk2.com	1 redirects
48	21

This site contains links to these domains. Also see Links.

Domain
darkagedefense.com
www.networkadvertising.org

Subject Issuer	Validity	Valid
*.darkagedefender.com GTS CA 1P5	`2022-11-30` - `2023-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tracking.hyros.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-10` - `2022-12-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
t.hyros.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Frame ID: 9C21188C9899DE528905A48A6BC67AF2
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shocking Truth About The Biggest Threat To Come

Page URL History Show full URLs

http://su8x0h.jlnk2.com/ HTTP 303
https://mozonsion-musestuff.icu/7d44e514-2613-4f73-9a3d-7b9a1e2266c2?s1=DADRepublicanPost120122&s2=DADRepubl... HTTP 302
https://dbhtrkg.com/?a=252&c=298&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackou... HTTP 302
https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=... Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

98 %
HTTPS

48 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

768 kB
Transfer

1466 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://darkagedefense.com/members
Title: Members Area

Search URL Search Domain Scan URL

URL: http://www.networkadvertising.org/managing/opt_out.asp
Title: Network Advertising Initiative opt-out page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://su8x0h.jlnk2.com/ HTTP 303
https://mozonsion-musestuff.icu/7d44e514-2613-4f73-9a3d-7b9a1e2266c2?s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5= HTTP 302
https://dbhtrkg.com/?a=252&c=298&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i HTTP 302
https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&value=0&auid=856851454.1669936372&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8zSJY7rWIZmG9fgPjt25gAM&sscte=1&crd=&eitems=ChEIgL6hnAYQ3eH8m9eWseGoARIdABa7JYwL1cd9go5OznrFt9P887D0lf8ay9qg6sk&pscrd=Ek5DaEVJZ0w2aG5BWVF1ZnZuM0ktY3hjMmJBUklsQUkzaTNieWMxT2ZZZlFSRUt3WjlGTEhqQTNQMXRGTTktVElYdUNucEhMdXFtQjlRWmcaWENoRUlnTDZobkFZUWxzeVJuUDZmNEl1UkFSSXRBQVZPdDlQS2otRXVIaWZHby1CSG5KU3g5OG0wUjcybHFoa255Skc4dDR0X21IRnlMOWJzeHdEbnhYWko HTTP 302
https://www.google.com/pagead/1p-conversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&value=0&auid=856851454.1669936372&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0w2aG5BWVF1ZnZuM0ktY3hjMmJBUklsQUkzaTNieWMxT2ZZZlFSRUt3WjlGTEhqQTNQMXRGTTktVElYdUNucEhMdXFtQjlRWmcaWENoRUlnTDZobkFZUWxzeVJuUDZmNEl1UkFSSXRBQVZPdDlQS2otRXVIaWZHby1CSG5KU3g5OG0wUjcybHFoa255Skc4dDR0X21IRnlMOWJzeHdEbnhYWko&is_vtc=1&ocp_id=8zSJY7rWIZmG9fgPjt25gAM&eitems=ChEIgL6hnAYQ3eH8m9eWseGoARIdABa7JYz0vz0QGSFto3iM9Aql9A01FsEPL6kKxl4&random=3412841015 HTTP 302
https://www.google.de/pagead/1p-conversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&value=0&auid=856851454.1669936372&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0w2aG5BWVF1ZnZuM0ktY3hjMmJBUklsQUkzaTNieWMxT2ZZZlFSRUt3WjlGTEhqQTNQMXRGTTktVElYdUNucEhMdXFtQjlRWmcaWENoRUlnTDZobkFZUWxzeVJuUDZmNEl1UkFSSXRBQVZPdDlQS2otRXVIaWZHby1CSG5KU3g5OG0wUjcybHFoa255Skc4dDR0X21IRnlMOWJzeHdEbnhYWko&is_vtc=1&ocp_id=8zSJY7rWIZmG9fgPjt25gAM&eitems=ChEIgL6hnAYQ3eH8m9eWseGoARIdABa7JYz0vz0QGSFto3iM9Aql9A01FsEPL6kKxl4&random=3412841015&ipr=y&prhg=0

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request shocking-truth Show response
darkagedefender.com/
Redirect Chain

http://su8x0h.jlnk2.com/
https://mozonsion-musestuff.icu/7d44e514-2613-4f73-9a3d-7b9a1e2266c2?s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=
https://dbhtrkg.com/?a=252&c=298&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i
https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepubli...

68 KB
24 KB

495ms
138ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c932fd652d20fb30d9f5ef505c16b814c92ee5070b3590a4ba8f2bf934f5d30d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 772f828f4e909265-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 23:12:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk4ZtksKdHwhgF47Xqid7iDUHGTAH4mAgWaEAvpuaRLyfqVhgHUKs%2BzsJvTI0a3pgvHCZe9jZg9cu4t1WHpveGqfT%2Bo4%2BjFvYZ4iJZeBzSg6vpBefJdRCTiTyd7tLgkCFX2krctaCucbZhE4pUYs%2BrRg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nosnippet

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 460
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Dec 2022 23:12:50 GMT
Location: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:25:04 GMT

GET
H2 200 global.css
darkagedefender.com/assets/style/ 15 KB
5 KB 105ms
102ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/assets/style/global.css?v=10003
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1456c9f967f25ccda8466d0956c0117974867e4d534e1f577eba635f37f0408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=20482
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 May 2022 14:48:13 GMT
server: cloudflare
etag: W/"5002-5dfeb47830549-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCb6At51IvLSbJrXCBZEXgfIPHvz6ELaLu7OMxxNZt3uxJ2exL4ZsuAbJ0LjSEUOUpENeEZZkjroXdOo5mlEZMGEbmyyGgtzTvFEXJrHA%2B2kSoJPvTKhsOtU0P9Cod5aZg3zvrVJRi8IUvaqh%2FdR0Ly5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82903ff89265-FRA

GET
H2 200 forms.css
darkagedefender.com/assets/style/ 5 KB
2 KB 102ms
100ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/assets/style/forms.css?v=10001
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e31677f0b54b5fd213474d196a4a43bf13122bd317d160ad470ef0c566a25f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6670
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jan 2022 22:37:23 GMT
server: cloudflare
etag: W/"1a0e-5d683d869d61d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0pPGgZ4FpUj6lWWOxQGxXJ6MKCuU0DIxg37texbb1UAOLbautY8%2FCGVQYVvkdkoES5hh6fz6Y4zdkWX73feduSkcW%2BbmxvxQALjK%2BURpsitdU97qRJ8M%2FeD6b0O0GemB1LBOZW6EKWC6Zjh2Zo2Ojgc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82903ff99265-FRA

GET
H2 200 buttons.css
darkagedefender.com/assets/style/ 4 KB
1 KB 106ms
103ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/assets/style/buttons.css?v=10001
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jan 2022 22:37:23 GMT
server: cloudflare
etag: W/"154c-5d683d869d61d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WOkPB%2FheP%2FzB34DRraFZwFxuPabdUhKvXpDIT3gJgxOXGPnGQWJjyoA1i0tcx5pcUEz8xeQuVpRCg%2B15%2BmYt0JYR2rPC7X%2FcTNWiRVEeu5b0j5qFU%2FW%2FNyT2hCGfN%2Bu8aP935qvb%2BAl7Zq%2B5ezfjSDd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82903ffe9265-FRA

GET
H2 200 jquery-2.2.0.min.js Show response
darkagedefender.com/assets/scripts/ 84 KB
31 KB 115ms
114ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/assets/scripts/jquery-2.2.0.min.js?v=10001
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 22:37:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"14e55-5d683d869d61d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cm17Iwr1zhZk9J4hVkne0VGhEmYYt0XSee6AlrUbeZ85Zqo%2Bi6%2BY6VuBuRjpcucILfDHKf30EMe5uoVGmYxh5l9oLcSy1Qkihxjx5NwHM9fhe3l7pIXKk4QsTGoSTjqLhjdVNmNnbWQv1aiGwInUBoRg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f829038039265-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 global.js Show response
darkagedefender.com/assets/scripts/ 7 KB
3 KB 117ms
116ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/assets/scripts/global.js?v=10001
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a976576c30c8355b268f0503b84d260c4f3856bc7b5ce55cacc0ff4b5904595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12543
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jan 2022 22:37:23 GMT
server: cloudflare
etag: W/"30ff-5d683d869c67c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzQjP9yySS3X4IPQrqdRC%2FjQfACt4x47H7AFsJ%2Fjdrn5fnze2unuwHJZ0IPLKnxm1ngFXcs947dpkXXsxyz7UbSUVTsksJI6H%2F%2BlyB9VQsHB3Ct7mxmiwKJshnVZSaa7dWg38Y4hE3jN6bAj9tCWM6SI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f829038059265-FRA

GET
H2 200 shockingTruth.css
darkagedefender.com/assets/style/presells/ 3 KB
1 KB 109ms
108ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/assets/style/presells/shockingTruth.css?v=10001
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7f57e0882cb51997265d70d72ab540c06032b04d36e61e025a79db7b8734c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 07 Sep 2022 15:59:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"cb0-5e8186542f044-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA8%2Ff7yRrwZq%2BXnqFc3HLR8xO0DFzGjDcRTvcfLRHiwCIvTAwdGEtliLr44bQy0Tjbtclpr1rZqvGAAP5apfcNvbhNalyK6RQI1ZpWtNYoVCtHGKlXcJLckF5qSp%2FG0bgs%2FeKOr7CPXsfU4NQx%2FQBkUl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f829038029265-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK pushwoosh-web-notifications.js Show response
cdn.pushwoosh.com/webpush/v3/ 182 KB
45 KB 78ms
27ms Script
application/javascript 94.130.239.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.239.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-07.pushwoosh.com
Software: nginx /
Resource Hash: ab124775fec26df3819b69e6ddbad542a2c52602d5958c8af915563ef268e75a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

X-Proxy-Cache: HIT
Date: Thu, 01 Dec 2022 23:12:51 GMT
Content-Encoding: gzip
X-Cache-Status: HIT
Transfer-Encoding: chunked
X-Amz-Storage-Class: STANDARD
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 08:45:52 GMT
Server: nginx
ETag: W/"d50a1b2bd010ebf2eca5a3e1f9c1df25"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Cache-Control: max-age=86400, public
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
Expires: Fri, 02 Dec 2022 23:12:51 GMT

GET
H3 200 Logo-DAD.svg
darkagedefender.com/assets/images/logos/ 22 KB
10 KB 22ms
21ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darkagedefender.com/assets/images/logos/Logo-DAD.svg
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea63765705d7439ed85c21f5e64f4bc9cb552d0f3973c9f850aa8491948a6b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 22:37:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1856
etag: W/"56d7-5d683d8689d9a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cNRVFaICp%2BBKcLw4QjvlVJDZ0IEyglowy1Bpf2Kdmw52ieFsL9228Tc3lXZt8is9u4WBmPsPr838n3ZWbdYtcJza%2BKG5w%2BIu8hLBQ%2BeIAqGprwVskQxXtdWMX71tIXDsbTF%2FrwQndfxnb4wPe4ah81c"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82914d339b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 aftermath.jpg
darkagedefender.com/assets/images/presells/shockingTruth/ 206 KB
207 KB 119ms
118ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darkagedefender.com/assets/images/presells/shockingTruth/aftermath.jpg?v=10001
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f34be76200c4d35c36a9217a9845151477ae582502f7d598f57bd63a2bb51d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 09 Feb 2022 21:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "33846-5d79c8629add7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU0NxA8R1QI05oo9yWxUdGw30I6AWnz07tJx7yCq4vzEKu5V7hMWHs0OckgrM%2FS%2FdfpF8ftfk9drvfNtcW4A%2F8mfeBjzCFBkYsADjMa7HJLFBNSrsG7SZhIY5Vwn6W062mj43LMvZHRY8jR6%2Fnki4xQq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82914d369b98-FRA
content-length: 211014
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 button.png
darkagedefender.com/assets/images/presells/shockingTruth/ 19 KB
20 KB 150ms
149ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darkagedefender.com/assets/images/presells/shockingTruth/button.png
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e00cef9a7ac838c6205af9ec481fe96cbc6e7282163d97d166edf074b6f893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 09 Feb 2022 21:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4d09-5d79c8629fbf7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp2BIisoUCx6BwFmTbL4CVIfw6Uw0YqlIIxIh14RCg6T3NWg84mdLUg9d5q1FmsRu3yMkKx%2FaehGq6IBFb2Qbu0tBFrq8yXxIJ%2FficEqz761PqfZ4SEzLDcDETmxKqfv6oClhobL68f4kFL%2FpZz%2FayYa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82914d389b98-FRA
content-length: 19721
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 147 KB
55 KB 46ms
23ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9MPZPQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e810027224975894d8d62616ae201c20fdcff0f9bccb4c9c1be3dcdbe02b137a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56215
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 22:13:37 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Dec 2022 23:12:51 GMT

GET
H3 200 email-decode.min.js Show response
darkagedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://darkagedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 15:39:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6384d627-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiwqqpuB%2B2sJtl3kp6UC3jQvcW8mX5eJDXYcHXVU2mG2lASzZh9zFxnctE03V%2BElBeTs8%2B3U3U%2BpZaTWARTtxW2opJAawCqmH79alaa8pX%2BYex5hrH9zCwNhaggtHYBquyg6aSFvFjB4L2p2Yp7jge3C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 772f82910ccb9b98-FRA
expires: Sat, 03 Dec 2022 23:12:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,800,900%7COswald:400,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4325c027286d879c96db8369a09ac689fc40acdbf521b8ff633b6c2ff3de693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:12:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Dec 2022 23:12:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 47ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,800,900%7COswald:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkagedefender.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 527527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 20:40:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,800,900%7COswald:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkagedefender.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 12636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 50ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,800,900%7COswald:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkagedefender.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 40391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:59:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,800,900%7COswald:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkagedefender.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 282479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 49ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,800,900%7COswald:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkagedefender.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 70419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:39:12 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 48ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700,800,900%7COswald:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://darkagedefender.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:16:53 GMT
x-content-type-options: nosniff
age: 100558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:16:53 GMT

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 32ms
7ms Script
application/javascript 52.222.206.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Referer: https://darkagedefender.com/
Origin: https://darkagedefender.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:26:24 GMT
content-encoding: gzip
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
x-amz-cf-pop: FRA56-P3
age: 27988
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 8CFa89XdIlbdZ9-bfFAvQWAq-az42U8u5h1tgp6OOb8ddec2Ab-ITQ==

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
532 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora&display=swap

Requested by

Host: darkagedefender.com
URL: https://darkagedefender.com/assets/style/presells/shockingTruth.css?v=10001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a86878a76a0205530608219cc855ba6554a5f180690b1430ae0b8dce1ecdb155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 22:03:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Dec 2022 23:12:51 GMT

POST
H3 200 import Show response
darkagedefender.com/click/ 408 B
839 B 935ms
934ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/click/import
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/assets/scripts/jquery-2.2.0.min.js?v=10001
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1d59789658c887bc36bcb508f835138240932f890f6d28fe25d44d65d051a2

Request headers

Accept: */*
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOv7J5lBV8Awc%2BKLTxuh4XEh3ZuqzgSRcQgAkvXPV%2B1iQTo5KyL4A7qI%2FbIS6uVhX8IN2XKogGkTp416zmLKmyOOTdWrZxJTSqHgn%2Fbz4OA%2F8GjEaXK41AbDXMB7F%2FicZpPC70MdvpILvGbJOBuTrXxZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://darkagedefender.com
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82916d639b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 setAmplitudeDeviceId Show response
darkagedefender.com/ 5 B
569 B 145ms
144ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/setAmplitudeDeviceId?amplitudeDeviceId=9UKIbAA-SnGMYRAwsvBnzP
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/assets/scripts/jquery-2.2.0.min.js?v=10001
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10036cce39b0c2bfb70d5d1618f5806ddd2b0be75dd1b3656831f36b0db94bf

Request headers

Accept: */*
Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMQGKY7evkpvvhZ4UHNDEVfEHZu5CGoz7P%2F19oy4IaEkArH%2FEWhMzULPzMhtosN1SNs9gL%2BEcqBNw2%2Bd3BFhfs7yJMDbSjtYvqMi9cH%2FHQZ6rV5uhOAKwx4RHtwUXcDXefhmuXBj2HNLIJSDM%2B63UcRn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://darkagedefender.com
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f8291addb9b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 521ms
174ms XHR
text/html 44.239.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.41.64 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-41-64.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://darkagedefender.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 01 Dec 2022 23:12:51 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-638934f3-7690a7b3395e74cd190df1c8
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10847918078/ 2 KB
2 KB 79ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10847918078/?random=1669936371504&cv=11&fst=1669936371504&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&auid=856851454.1669936372&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9MPZPQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f039cebec1ab81fd31988dc7428ec892072b85a459a4c10765f14092dd56334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10847918078/ 2 KB
2 KB 53ms
23ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10847918078/?random=1669936371510&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&value=0&bttype=purchase&auid=856851454.1669936372&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9MPZPQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

70772e194993064ddfed5b5e6115df155f9a113b3664c82a9098bc2835b8f236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1409
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 universal-script Show response
175132.tracking.hyros.com/v1/lst/ 34 KB
34 KB 411ms
203ms Script
text/plain 18.233.198.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!dark-age-defense
Requested by: Host: darkagedefender.com
URL: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.198.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-198-198.compute-1.amazonaws.com
Software: /
Resource Hash: 9aca625d24edf308e6dc747062f84097bf8ea4248beeebe3f8d8a5a7a7f451b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:51 GMT
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/plain;charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Dec 2022 23:12:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Hb4JEpROz1Aobf84Az0y/JZGj5z3+2P40n102lny+rGg5x9irUSbJT48txnWnwRH7hkG4fKBMW6SEdfW1+aAWA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 761797388300786 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/761797388300786?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62f414ca3c0b98533e95235256c5d1d2e449f17c302a78784a6aea420354682f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Dec 2022 23:12:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86019
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Hlt1LravOytHjrJMkDjI6u1EmWdI7k++9eSdtK50fHRlnlLeIEwXacZjRGbsdtoUcJBf/gGgv/8X1oQVG20K2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/10847918078/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v...
https://www.google.com/pagead/1p-conversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleads...
https://www.google.de/pagead/1p-conversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleadse...

42 B
64 B

37ms
21ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&value=0&auid=856851454.1669936372&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0w2aG5BWVF1ZnZuM0ktY3hjMmJBUklsQUkzaTNieWMxT2ZZZlFSRUt3WjlGTEhqQTNQMXRGTTktVElYdUNucEhMdXFtQjlRWmcaWENoRUlnTDZobkFZUWxzeVJuUDZmNEl1UkFSSXRBQVZPdDlQS2otRXVIaWZHby1CSG5KU3g5OG0wUjcybHFoa255Skc4dDR0X21IRnlMOWJzeHdEbnhYWko&is_vtc=1&ocp_id=8zSJY7rWIZmG9fgPjt25gAM&eitems=ChEIgL6hnAYQ3eH8m9eWseGoARIdABa7JYz0vz0QGSFto3iM9Aql9A01FsEPL6kKxl4&random=3412841015&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10847918078/?random=1652281311&cv=11&fst=1669936371510&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=x8tcCOOF4JYDEP6v2LQo&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&value=0&auid=856851454.1669936372&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0w2aG5BWVF1ZnZuM0ktY3hjMmJBUklsQUkzaTNieWMxT2ZZZlFSRUt3WjlGTEhqQTNQMXRGTTktVElYdUNucEhMdXFtQjlRWmcaWENoRUlnTDZobkFZUWxzeVJuUDZmNEl1UkFSSXRBQVZPdDlQS2otRXVIaWZHby1CSG5KU3g5OG0wUjcybHFoa255Skc4dDR0X21IRnlMOWJzeHdEbnhYWko&is_vtc=1&ocp_id=8zSJY7rWIZmG9fgPjt25gAM&eitems=ChEIgL6hnAYQ3eH8m9eWseGoARIdABa7JYz0vz0QGSFto3iM9Aql9A01FsEPL6kKxl4&random=3412841015&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10847918078/ 42 B
548 B 44ms
21ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10847918078/?random=1669936371504&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&fmt=3&is_vtc=1&random=361042843&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10847918078/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10847918078/?random=1669936371504&cv=11&fst=1669935600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&tiba=Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come&fmt=3&is_vtc=1&random=361042843&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 23:12:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=761797388300786&ev=PageView&dl=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&rl=&if=false&ts=1669936371617&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669936371616.930834497&it=1669936371562&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 23:12:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gusid Show response
175132.t.hyros.com/v1/lst/ 0
504 B 318ms
112ms XHR
text/plain 174.129.204.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/gusid?
Requested by: Host: 175132.tracking.hyros.com
URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!dark-age-defense
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.204.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-204-243.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://darkagedefender.com/
Product-ID: 175132
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:12:52 GMT
session-id: HB-ET_811c2d6d0dee50feb03a82d14b852adc3922a466fdf677b9515d32e57b8f4d64
etag: HB-ET_811c2d6d0dee50feb03a82d14b852adc3922a466fdf677b9515d32e57b8f4d64
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://darkagedefender.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 gusid
175132.t.hyros.com/v1/lst/ 0
0 318ms
100ms Preflight
application/vnd.sun.wadl+xml 174.129.204.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/gusid?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.204.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-204-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://darkagedefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://darkagedefender.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: HEAD,GET,OPTIONS
content-length: 1081
content-type: application/vnd.sun.wadl+xml;charset=utf-8
date: Thu, 01 Dec 2022 23:12:52 GMT
last-modified: Thu, 01 Dec 2022 23:12:52 UTC

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 175ms
175ms XHR
text/html 44.239.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.41.64 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-41-64.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://darkagedefender.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 01 Dec 2022 23:12:52 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-638934f4-7ed9054778baf9dc3839a561
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H/1.1 200
OK getConfig Show response
cp.pushwoosh.com/json/1.3/ 1 KB
1 KB 61ms
12ms Fetch
application/json 188.40.221.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/getConfig
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.221.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kubeapi-nue.pushwoosh.com
Software: nginx / pushwoosh/device-api
Resource Hash: 50fc5d546ac8f254511a4821f68a58da891c832e6f46db27c9b9195df5480c84

Request headers

Referer: https://darkagedefender.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Dec 2022 23:12:52 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: pushwoosh/device-api
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H/1.1 200
OK applicationOpen Show response
cp.pushwoosh.com/json/1.3/ 128 B
647 B 11ms
11ms Fetch
application/json 188.40.221.212
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/applicationOpen
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.221.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kubeapi-nue.pushwoosh.com
Software: nginx /
Resource Hash: bda0488cafa2fa2eac0079294db23250768172ab0e36269db46a1fdc99d51f67

Request headers

Referer: https://darkagedefender.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 01 Dec 2022 23:12:52 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H3 200 manifest.json Show response
darkagedefender.com/ 868 B
783 B 111ms
110ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://darkagedefender.com/manifest.json
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353f88bfbade832c52165a0e7593a6c8ee486a753be310c285ef8a75a83e500e

Request headers

Referer: https://darkagedefender.com/shocking-truth?affId=252&c1=DADRepublicanPost120122&c2=DADRepublicanPost&c3=ServeBlackoutsOnTheWay&id=93593825&affid=252&cid=928&s1=DADRepublicanPost120122&s2=DADRepublicanPost&s3=ServeBlackoutsOnTheWay&s4=Email28&s5=wvjskun68ddu9fsk25eu6r1i&destination=watch/taliban
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 23:12:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Feb 2022 21:28:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"364-5d79c830720c3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPb7FsElK9hYTD5osnv7VbViT29xa41LoD1m4Ap7Xn8tKzH0kLDyhhYLI3KF4hgevnmG2aG3ZG3p5v65DSkq%2F5bFZ5GYrSx3LHZj%2BlqmsUKiBDZSg%2FgrMqd2GY5FhcGxsoeF%2F1qCNvu5N62PX84BGgjw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 772f82971fec9b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pc Show response
175132.t.hyros.com/v1/lst/ 117 B
371 B 111ms
110ms XHR
application/json 174.129.204.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.71+Safari%2F537.36
Requested by: Host: 175132.tracking.hyros.com
URL: https://175132.tracking.hyros.com/v1/lst/universal-script?ph=9bc599f9ab46cb2f7507e8577d80913a8c63a505faba2e67e311117d32296386&tag=!dark-age-defense
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.204.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-204-243.compute-1.amazonaws.com
Software: /
Resource Hash: ed67ca761a678eca54bb2f913923d716bb6ebdeb5aa3f062ba5b8c442d160597

Request headers

Session-ID: HB-ET_811c2d6d0dee50feb03a82d14b852adc3922a466fdf677b9515d32e57b8f4d64
Product-ID: 175132
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer: https://darkagedefender.com/
Access-Control-Allow-Headers: *

Response headers

date: Thu, 01 Dec 2022 23:12:52 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: application/json;charset=utf-8
access-control-allow-origin: https://darkagedefender.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 117

OPTIONS
H2 200 pc
175132.t.hyros.com/v1/lst/ 0
0 103ms
103ms Preflight
application/vnd.sun.wadl+xml 174.129.204.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://175132.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.71+Safari%2F537.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.204.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-204-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://darkagedefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://darkagedefender.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: HEAD,GET,OPTIONS
content-length: 5151
content-type: application/vnd.sun.wadl+xml;charset=utf-8
date: Thu, 01 Dec 2022 23:12:52 GMT
last-modified: Thu, 01 Dec 2022 23:12:52 UTC

POST
H2 200 checkDevice Show response
redhotm.pushwoosh.com/json/1.3/ 145 B
475 B 74ms
16ms Fetch
application/json 88.198.209.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redhotm.pushwoosh.com/json/1.3/checkDevice
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.209.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: r3-front-17.pushwoosh.com
Software: nginx /
Resource Hash: 7941bdd6e9a47deed782bab18eccfbf84a7bb77fdabdf6fb264c2ad070074f8b

Request headers

Referer: https://darkagedefender.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 23:12:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 getInboxMessages Show response
redhotm.pushwoosh.com/json/1.3/ 92 B
529 B 14ms
12ms Fetch
application/json 88.198.209.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://redhotm.pushwoosh.com/json/1.3/getInboxMessages
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.198.209.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: r3-front-17.pushwoosh.com
Software: nginx / phpDaemon/1.0-beta3
Resource Hash: 66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423

Request headers

Referer: https://darkagedefender.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Dec 2022 23:12:52 GMT
x-pw-front-node: inbox-api-6457ddf695-q2kw4
content-encoding: gzip
server: nginx
x-powered-by: phpDaemon/1.0-beta3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
x-pw-cluster-node: inbox-api-6457ddf695-q2kw4
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H/1.1 200
OK chrome.jpg
cdn.pushwoosh.com/webpush/img/ 37 KB
38 KB 22ms
21ms Image
image/jpeg 94.130.239.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.239.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-07.pushwoosh.com
Software: nginx /
Resource Hash: 1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

X-Proxy-Cache: HIT
Date: Thu, 01 Dec 2022 23:12:53 GMT
X-Cache-Status: HIT
Connection: keep-alive
Content-Length: 38391
Last-Modified: Wed, 09 Jun 2021 13:23:33 GMT
Server: nginx
ETag: "a4a1bfc744068b330bbb9fd7ad8f4d6e"
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Cache-Control: max-age=3600, public
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
Expires: Fri, 02 Dec 2022 00:12:53 GMT

GET
H/1.1 200
OK chrome_unlock.jpg
cdn.pushwoosh.com/webpush/img/ 45 KB
45 KB 46ms
23ms Image
image/jpeg 94.130.239.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushwoosh.com/webpush/img/chrome_unlock.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.239.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cache-07.pushwoosh.com
Software: nginx /
Resource Hash: c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

X-Proxy-Cache: HIT
Date: Thu, 01 Dec 2022 23:12:53 GMT
X-Cache-Status: HIT
Connection: keep-alive
Content-Length: 45797
Last-Modified: Wed, 09 Jun 2021 13:23:33 GMT
Server: nginx
ETag: "9c37d8ab595f88bac2d323e77ff5e5dc"
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-rgw-object-type: Normal
Cache-Control: max-age=3600, public
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
Expires: Fri, 02 Dec 2022 00:12:53 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 20ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=761797388300786&ev=Microdata&dl=https%3A%2F%2Fdarkagedefender.com%2Fshocking-truth%3FaffId%3D252%26c1%3DDADRepublicanPost120122%26c2%3DDADRepublicanPost%26c3%3DServeBlackoutsOnTheWay%26id%3D93593825%26affid%3D252%26cid%3D928%26s1%3DDADRepublicanPost120122%26s2%3DDADRepublicanPost%26s3%3DServeBlackoutsOnTheWay%26s4%3DEmail28%26s5%3Dwvjskun68ddu9fsk25eu6r1i%26destination%3Dwatch%2Ftaliban&rl=&if=false&ts=1669936373124&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shocking%20Truth%20About%20The%20Biggest%20Threat%20To%20Come%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669936371616.930834497&it=1669936371562&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://darkagedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Dec 2022 23:12:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mozonsion-musestuff.icu/	1970-01-20 07:53:42	Name: 7d44e514-2613-4f73-9a3d-7b9a1e2266c2-v4 Value: L6mgcVEacajNObYqfHnMCFEbDMImEU4_SUAih8HL034
.mozonsion-musestuff.icu/	1970-01-20 16:37:52	Name: cc-v4 Value: 4GMAm14DsYvYqxlktVR%2F8qHbHcQ4EZLp003e%2FSG5MeCgmu7vWptCLAH5B7StDBSN%2BhzUIu%2BXDIIRpfchfsXaUZgmm0FTYw4x3fxyXdEj6b%2BzvKE4XIDhzynKQ8LjzZO6fmjQ3jWTHMUazsIyyQxQIg%3D%3D
.dbhtrkg.com/	1969-12-31 23:59:59	Name: sid Value: WC4YzUHzqFbSZ2CWmbbP/7aXC+g4U6jafbqeGPFla5+Hv537ZVvjFA==
.dbhtrkg.com/	1970-01-20 17:28:16	Name: trk Value: dg31M5iVk7jSZ2CWmbbP/7aXC+g4U6jafbqeGPFla5+Hv537ZVvjFA==
.dbhtrkg.com/	1970-01-20 08:35:28	Name: c35 Value: WC4YzUHzqFaHPXMeoqcGtvfqkeDF91TH9A0P0uutXf2aBTi2irFWZw==
.darkagedefender.com/	1970-01-20 08:06:40	Name: PHPSESSID Value: re7it5nu0t19vntr07poec167p
darkagedefender.com/	1970-01-20 08:06:40	Name: 100015_Affiliate Value: a%3A5%3A%7Bs%3A4%3A%22type%22%3Bs%3A4%3A%22CAKE%22%3Bs%3A5%3A%22resid%22%3Bs%3A8%3A%2293593825%22%3Bs%3A4%3A%22afid%22%3Bs%3A3%3A%22252%22%3Bs%3A6%3A%22campid%22%3Bs%3A3%3A%22928%22%3Bs%3A6%3A%22subids%22%3Ba%3A5%3A%7Bs%3A2%3A%22s1%22%3Bs%3A23%3A%22DADRepublicanPost120122%22%3Bs%3A2%3A%22s2%22%3Bs%3A17%3A%22DADRepublicanPost%22%3Bs%3A2%3A%22s3%22%3Bs%3A22%3A%22ServeBlackoutsOnTheWay%22%3Bs%3A2%3A%22s4%22%3Bs%3A7%3A%22Email28%22%3Bs%3A2%3A%22s5%22%3Bs%3A24%3A%22wvjskun68ddu9fsk25eu6r1i%22%3B%7D%7D
darkagedefender.com/	1970-01-20 08:02:21	Name: AMPLITUDE_DEVICE_ID Value: 9UKIbAA-SnGMYRAwsvBnzP
.darkagedefender.com/	1970-01-20 17:28:16	Name: amp_0a2f9a Value: 9UKIbAA-SnGMYRAwsvBnzP...1gj7vdlo9.1gj7vdloj.1.1.2
.darkagedefender.com/	1970-01-20 10:01:52	Name: _gcl_au Value: 1.1.856851454.1669936372
.doubleclick.net/	1970-01-20 07:52:17	Name: test_cookie Value: CheckForPermission
.darkagedefender.com/	1970-01-20 10:01:52	Name: _fbp Value: fb.1.1669936371616.930834497
175132.t.hyros.com/	1970-01-20 17:28:16	Name: __mh_tt_s Value: HB-ET_811c2d6d0dee50feb03a82d14b852adc3922a466fdf677b9515d32e57b8f4d64

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175132.t.hyros.com
175132.tracking.hyros.com
ajax.googleapis.com
api.amplitude.com
cdn.amplitude.com
cdn.pushwoosh.com
connect.facebook.net
cp.pushwoosh.com
darkagedefender.com
dbhtrkg.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mozonsion-musestuff.icu
redhotm.pushwoosh.com
su8x0h.jlnk2.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.18.98
174.129.204.243
18.195.123.247
18.233.198.198
18.235.214.191
188.40.221.212
2a00:1450:4001:802::2008
2a00:1450:4001:803::2003
2a00:1450:4001:806::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
44.239.41.64
52.222.206.118
54.221.161.229
88.198.209.125
94.130.239.232
1d9d7ae5da2739bb3c90c97c41799f0555a7711122deebad64ff48789b30671e
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
353f88bfbade832c52165a0e7593a6c8ee486a753be310c285ef8a75a83e500e
3f039cebec1ab81fd31988dc7428ec892072b85a459a4c10765f14092dd56334
50fc5d546ac8f254511a4821f68a58da891c832e6f46db27c9b9195df5480c84
51f34be76200c4d35c36a9217a9845151477ae582502f7d598f57bd63a2bb51d
62f414ca3c0b98533e95235256c5d1d2e449f17c302a78784a6aea420354682f
66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423
6a976576c30c8355b268f0503b84d260c4f3856bc7b5ce55cacc0ff4b5904595
70772e194993064ddfed5b5e6115df155f9a113b3664c82a9098bc2835b8f236
7941bdd6e9a47deed782bab18eccfbf84a7bb77fdabdf6fb264c2ad070074f8b
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e31677f0b54b5fd213474d196a4a43bf13122bd317d160ad470ef0c566a25f0
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
9a7f57e0882cb51997265d70d72ab540c06032b04d36e61e025a79db7b8734c5
9aca625d24edf308e6dc747062f84097bf8ea4248beeebe3f8d8a5a7a7f451b5
a4325c027286d879c96db8369a09ac689fc40acdbf521b8ff633b6c2ff3de693
a86878a76a0205530608219cc855ba6554a5f180690b1430ae0b8dce1ecdb155
ab124775fec26df3819b69e6ddbad542a2c52602d5958c8af915563ef268e75a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bda0488cafa2fa2eac0079294db23250768172ab0e36269db46a1fdc99d51f67
c1456c9f967f25ccda8466d0956c0117974867e4d534e1f577eba635f37f0408
c932fd652d20fb30d9f5ef505c16b814c92ee5070b3590a4ba8f2bf934f5d30d
c9c4b6ee5cd74a8dae3caa85f95678aa592c060d18c6f21e37c0d0e1446dc4af
d10036cce39b0c2bfb70d5d1618f5806ddd2b0be75dd1b3656831f36b0db94bf
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
da1d59789658c887bc36bcb508f835138240932f890f6d28fe25d44d65d051a2
dea63765705d7439ed85c21f5e64f4bc9cb552d0f3973c9f850aa8491948a6b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e810027224975894d8d62616ae201c20fdcff0f9bccb4c9c1be3dcdbe02b137a
e8e00cef9a7ac838c6205af9ec481fe96cbc6e7282163d97d166edf074b6f893
ed67ca761a678eca54bb2f913923d716bb6ebdeb5aa3f062ba5b8c442d160597
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6e13231ec40eac8229a1af785e63b6e9b501d10e2b99fa6c301ddebd983692
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

darkagedefender.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

48 %IPv6

16 Domains

21 Subdomains

18 IPs

2 Countries

768 kBTransfer

1466 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

darkagedefender.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

48 %
IPv6

16
Domains

21
Subdomains

18
IPs

2
Countries

768 kB
Transfer

1466 kB
Size

13
Cookies

48 HTTP transactions
0 data transactions